07/11/2012 ian/modules/COM342/COM342_L10B.ppt L10B/1/40 COM342 Networks and Data Communications Ian...
-
Upload
nickolas-jordan -
Category
Documents
-
view
223 -
download
1
Transcript of 07/11/2012 ian/modules/COM342/COM342_L10B.ppt L10B/1/40 COM342 Networks and Data Communications Ian...
07/11/2012 www.eej.ulst.ac.uk/~ian/modules/COM342/COM342_L10B.ppt L10B/1/40
COM342Networks and Data Communications
Ian McCrum Room 5B18
Tel: 90 366364 voice mail on 6th ring
Email: [email protected]
Web site: http://www.eej.ulst.ac.uk
Lecture 10B: Security; authentication and encryption
07/11/2012 www.eej.ulst.ac.uk/~ian/modules/COM342/COM342_L10B.ppt L10B/2/40
Keypoints
• War driving, what is it.
• Brief knowledge of common key (symmetric cryptography) and private/public key encryption (asymmetric cryptography)
• Public Key repositories; certificates.
• Authentication and encryption,
• SSH how it is used (no need to know detailed protocol)
• Tunnelling
07/11/2012 www.eej.ulst.ac.uk/~ian/modules/COM342/COM342_L10B.ppt L10B/3/40
Security Issues
• War Driving / Sniffing (Parking Lot attack)• Rogue Access Points• MAC Address• SSID• WEP
• SSH• Tunnels and secure IP links• Keys; private and public, trusted key repositories
07/11/2012 www.eej.ulst.ac.uk/~ian/modules/COM342/COM342_L10B.ppt L10B/4/40
War Driving
• War driving is one of the latest hacker fads– http://www.wardriving.com/
• Involves driving around and scanning in search of unprotected 802.11 wireless networks
• Several War Driving tools are available– NetStumbler
– AiroPeek
– MobileManager
– Sniffer Wireless
– THC-WarDrive
07/11/2012 www.eej.ulst.ac.uk/~ian/modules/COM342/COM342_L10B.ppt L10B/5/40
Net Stumbler
•The MAC address of the access point
•The network name
•SSID
•Manufacturer
•Channel that it was heard on
•WEP Enabled (Yes or No)
•Signal strength
•Signal to Noise Ratio
07/11/2012 www.eej.ulst.ac.uk/~ian/modules/COM342/COM342_L10B.ppt L10B/6/40
War Driving Example
07/11/2012 www.eej.ulst.ac.uk/~ian/modules/COM342/COM342_L10B.ppt L10B/7/40
Parking Lot Attack
07/11/2012 www.eej.ulst.ac.uk/~ian/modules/COM342/COM342_L10B.ppt L10B/8/40
War Chalking
07/11/2012 www.eej.ulst.ac.uk/~ian/modules/COM342/COM342_L10B.ppt L10B/9/40
Unauthorized Access Points
• Install access points without permission
(Sack ‘em!)
• Security is NOT enabled
• The whole Network becomes vulnerable
to war driving/sniffing attacks
07/11/2012 www.eej.ulst.ac.uk/~ian/modules/COM342/COM342_L10B.ppt L10B/10/40
Using MAC Address
• Control access by allowing only valid
MAC addresses to access the network• Complicated and difficult to maintain list of valid MAC
addresses• Using software, MAC addresses can be spoofed
07/11/2012 www.eej.ulst.ac.uk/~ian/modules/COM342/COM342_L10B.ppt L10B/11/40
07/11/2012 www.eej.ulst.ac.uk/~ian/modules/COM342/COM342_L10B.ppt L10B/12/40
Modern Cryptography
• Two broad classes– 1. Shared-key cryptography
– 2. Public-key cryptography
• There are many others, one time cipher etc., Also various algorithms.
• RSA , DES, RC4, etc.,• A good read (good Christmas Present!) is “The Code
Book” by Simon Singh 1999 ISBN 1-85702-879-1. It contains a £10,000 cipher challenge!
07/11/2012 www.eej.ulst.ac.uk/~ian/modules/COM342/COM342_L10B.ppt L10B/13/40
History of Cryptography
Symmetric Cryptography - The Only Solution Prior To 1975
Crypto Engine
Crypto Engine
Clear Text
Clear Text
Cipher Text
Key Distribution & Management
Encryption Decryption
Central Key Generation
07/11/2012 www.eej.ulst.ac.uk/~ian/modules/COM342/COM342_L10B.ppt L10B/14/40
Symmetric Key Encryption
EncryptionEncryption
““The quick The quick brown fox brown fox jumps over jumps over the lazy the lazy dog”dog”
““AxCv;5bmEseTfid3)AxCv;5bmEseTfid3)fGsmWe#4^,sdgfMwifGsmWe#4^,sdgfMwir3:dkJeTsY8R\s@!r3:dkJeTsY8R\s@!q3%”q3%”
““The quick The quick brown fox brown fox jumps over jumps over the lazy the lazy dog”dog”
DecryptionDecryption
Plain-text inputPlain-text input Plain-text outputPlain-text outputCipher-textCipher-text
Same keySame key
(shared secret)(shared secret)
07/11/2012 www.eej.ulst.ac.uk/~ian/modules/COM342/COM342_L10B.ppt L10B/15/40
History of Cryptography
Pub Key Crypto Engine
Pub Key Crypto Engine
Clear Text
Clear Text
Cipher
Text
Key Distribution & Management
Encryption Decryption
Key Pair Generation
(1) Whitfield Diffie and Martin Helman, “New Directions In Cryptography”, IEEE Transactions On Information Theory, v.IT-22 n.6, 6 Nov 1976, pp 644-654
“Private” Key
Certificate Repository
“Public” Key
Asymmetric Cryptography - Publicly Introduced In 1975(1)
07/11/2012 www.eej.ulst.ac.uk/~ian/modules/COM342/COM342_L10B.ppt L10B/16/40
Public Key Encryption
““The quick The quick brown fox brown fox jumps over jumps over the lazy the lazy dog”dog”
““Py75c%bn&*)9|Py75c%bn&*)9|fDe^bDFaq#xzjFr@gfDe^bDFaq#xzjFr@g5=&nmdFg$5knvMd’r5=&nmdFg$5knvMd’rkvegMs”kvegMs”
““The quick The quick brown fox brown fox jumps over jumps over the lazy the lazy dog”dog”
Clear-text inputClear-text input Clear-text outputClear-text outputCipher-textCipher-text
DifferentDifferent keys keys
Recipient’s Recipient’s public keypublic key
Recipient’s Recipient’s private keyprivate key
privatepublic
EncryptionEncryption DecryptionDecryption
07/11/2012 www.eej.ulst.ac.uk/~ian/modules/COM342/COM342_L10B.ppt L10B/17/40
What are the PKI Keys?
PIN 5638
Private Key
• Protected by owner• Used to sign messages• Used to decrypt messages• Kept in physical possession of owner
12429Bill
Public Key
• Distributed freely and openly• Used to verify signatures• Used to encrypt messages• Kept in public certificate key
directory servers
07/11/2012 www.eej.ulst.ac.uk/~ian/modules/COM342/COM342_L10B.ppt L10B/18/40
Public Key Cryptography
• Public/private key pair• Only the owner knows the private key, but everyone
knows the public key• If the message is encrypted with the private key, then
everyone with the public key can recover the message, but only the owner can generate the encrypted message
07/11/2012 www.eej.ulst.ac.uk/~ian/modules/COM342/COM342_L10B.ppt L10B/19/40
Continued
• If the message is encrypted with the public key, only the owner can decrypted it using its private key
• The first property can be used for signature and the second property can be used for encryption.
• It is computationally intensive so one popular practical encryption system SSH, uses private and public keys to initially authenticate each end of a link and then switches to a common “one-time” key to speed things up
• SSH is a modern replacement for telnet but it can also tunnel other ports…
07/11/2012 www.eej.ulst.ac.uk/~ian/modules/COM342/COM342_L10B.ppt L10B/20/40
Public Key Pairs
priv
ate
priv
ate
publicpublic
Public and private keys are always Public and private keys are always generated as agenerated as a matchedmatched pairpair
Keys are mathematically related but it is Keys are mathematically related but it is computationally infeasiblecomputationally infeasible to deduce a to deduce a private key from its public keyprivate key from its public key
Private keys are kept secret - preferably by Private keys are kept secret - preferably by being stored in a tamper-resistant chipbeing stored in a tamper-resistant chip
pri
vate
pri
vate
Public keys are just that - Public keys are just that - public!public!
MM
SMART SMART CARDCARD123 89 3486123 89 3486
07/11/2012 www.eej.ulst.ac.uk/~ian/modules/COM342/COM342_L10B.ppt L10B/21/40
Key Management
• Ideally, every person has two key pairs:– Key-exchange key pair– Signature key pair– Key pairs are distinct
• Public and private keys are always generated as a pair at the user’s machine
• Public key can be openly shared• Private key is always kept private (it never leaves the
machine where it was generated)• A complex protocol passes data back and forth to
ensure each is who they say there are.
07/11/2012 www.eej.ulst.ac.uk/~ian/modules/COM342/COM342_L10B.ppt L10B/22/40
Alice knows Bob’s address
Bob receives Alice’s mail without any
assurance oforiginator,
confidentialityor integrity of contents
Transmitted “in the clear”
TO:BOB
‘Postcard’
No Protection
07/11/2012 www.eej.ulst.ac.uk/~ian/modules/COM342/COM342_L10B.ppt L10B/23/40
Alice signs record using
Private Key
Bob verifies Alice was sender from Alice’s
Public Key at certificate repository
Record with digital signature transmitted
electronically
Certificate Repository
33728 Alice
Obtains Alice’s
Public Key
“Token”Contains Private
Key materialPIN 5556
10011011..
Digital Signature
33728Alice
TO: BOB
FROM:ALICE
07/11/2012 www.eej.ulst.ac.uk/~ian/modules/COM342/COM342_L10B.ppt L10B/24/40
Sends to Bob
Alice gets Bob’sPublic Key from
certificate repository
Encrypts transmissionusing Bob’s Public Key
Bob decrypts using his Private Key
Obtains Bob’s
Public Key
Certificate Repository
999081 Bob
Certificate Repository
“Token”Contains Private
Key material
TO: BOB
11011010..
Encryption
07/11/2012 www.eej.ulst.ac.uk/~ian/modules/COM342/COM342_L10B.ppt L10B/25/40
PIN 5556
Digital Signature & Encryption
PKIDSS1097.PPT
Sends toBob
Alice gets Bob’sPublic Key from
certificate repository
Encrypts transmissionusing Bob’s Public
Key
Bob decrypts using his
Private Key
Bob verifies Alice was sender from
Alice’s Public Key from certificate
repository
999081 Bob
33728 Alice
Obtains Bob’s
Public Keyverifie
s Alice
as originator
Alice digitally signs record
using her Private Key
Certificate Repository
“Token”Contains Private
Key material
“Token”Contains Private
Key materialPIN 9086
10011011...
11011010...999081
Bob
07/11/2012 www.eej.ulst.ac.uk/~ian/modules/COM342/COM342_L10B.ppt L10B/26/40
• RSA authentication uses the property that anything encrypted with the public key of a key pair can be decrypted only with the private key. The reverse is also true. A second property is that it is not possible to derive the private key from the public key or vice versa.
• Thus a host generates a random string, and encrypts it with the public key of a remote host. If the remote host correctly decrypts the string and returns it, it is considered authenticated. By forcing both ends to verify their identity, ssh provides protection against three common spoofing attacks: DNS, IP and routing spoofing.
• ssh encryptionIn addition to authentication, ssh also provides several options for encryption. IDEA is the default cipher for encryption, but DES, 3DES, and blowfish are also available. ssh employs symmetric key encryption for the data transfer because public key encryption is too computationally expensive. The client generates a random string for use as the symmetric key and sends it to the server encrypted with the server's public key, so someone eavesdropping can't get the key. The encryption is automatic, end-to-end, and is started immediately after host authentication, but before user authentication. This way, even if the user must enter her password, it is sent over a secure channel. No configuration is necessary to enable encryption. In fact, it can't be disabled, except at compile time.
07/11/2012 www.eej.ulst.ac.uk/~ian/modules/COM342/COM342_L10B.ppt L10B/27/40
Practical SSH sessions• When you ssh to a host you've never talked to before, it sends you its public key. This
is possibly a security hole, since a fake host could get you to take its key instead at this point.
a. Example
$ ssh somehost The authenticity of host 'somehost (192.168.1.1)' can't be established. RSA key fingerprint is 90:9c:46:ab:03:1d:30:2c:5c:87:c5:c7:d9:13:5d:75. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added 'somehost' (RSA) to the list of known hosts. user@somehost's password: [not shown]
b. Explanation
ssh is warning you that it doesn't really know about this host yet. It shows you the hostname and IP address, so you can be sure you're talking to the correct computer. It also shows the fingerprint of the server's public key. If you know what the fingerprint should be, you can check it and disallow it if it doesn't match.
07/11/2012 www.eej.ulst.ac.uk/~ian/modules/COM342/COM342_L10B.ppt L10B/28/40
Practical SSH continued…Reasonable paranoia
Most of the time, it's pretty safe to just accept host keys. At least within a controlled environment such as UUJ, it's unlikely that someone could compromise the network enough to have their computer masquerading as, say, one of the gl machines. In other situations, it's up to you to decide whether to get key information from the server admin before connecting.
Changed host key example
$ ssh somehost @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! Someone could be eavesdropping on you right now (man-in-the-middle attack)! It is also possible that the RSA host key has just been changed. The fingerprint for the RSA key sent by the remote host is 90:9c:46:ab:03:1d:30:2c:5c:87:c5:c7:d9:13:5d:75. Please contact your system administrator. Add correct host key in /home/user/.ssh/known_hosts to get rid of this message. Offending key in /home/user/.ssh/known_hosts:1
07/11/2012 www.eej.ulst.ac.uk/~ian/modules/COM342/COM342_L10B.ppt L10B/29/40
Using SSH• Another convenient feature of ssh is the ability to forward
arbitrary TCP ports over the secure connection. ssh supports forwarding client local ports to a second remote system via the secure connection to the remote server, as well as forwarding ports from the remote server to a second local system.
• ssh [email protected] -C –L 25025:remote.mc.com:110
• Now if I telnet to localhost –p 25025 It is as if I had telneted direct to port 110 on the remote machine, except it actually went over the SSH port-port link, encrypted!
• Localhost is 127.0.0.1, and is always the local machine, this is an IP number that never goes onto the cable but is “looped back” through the TCP/IP stack
07/11/2012 www.eej.ulst.ac.uk/~ian/modules/COM342/COM342_L10B.ppt L10B/30/40
RSA encryption (from “The Code Book” by Simon Singh
• Alice picks two giant prime numbers p and q e.g (p=17, q=11)
• Multiply these to get N=187. Now pick another number e.g e=7
• e and (p-1).(q-1) should be relatively prime
• Publish e and N in a directory. These numbers are needed for encryption. Together they are called the public-key N must be unique.
• To encrypt: convert the message into a number, M and generate the ciphertext C as C=Me(mod N).
• E.g Bob wants to send Alice a “kiss” the letter X is 1011000=88
• C=887(mod 187) (this is too big for calculators but it can be factored…the answer is 11.
• Alice can calculate a special number known as a decryption key d such that e.d = 1( mod(p-1).(q-1)) hence d=23
• To decrypt the message M=Cd(mod 187) = 1123 mod 187 = 88 in decimal
• Of course working out 1123 is tricky, but it can be factored into parts
“[ (111mod 187) . (112mod 187) . (114mod 187) . (1116mod 187) ] (mod 187 )”
07/11/2012 www.eej.ulst.ac.uk/~ian/modules/COM342/COM342_L10B.ppt L10B/31/40
Proposed Solutions to Enhance Security
• Virtual Private Network (VPN)
• Secure LAN (SLAN)
• Remote Authentication Dial In User Services (RADIUS)
• ipsec
• CIPe
• 802.1x
• Proprietary WEP Implementations
07/11/2012 www.eej.ulst.ac.uk/~ian/modules/COM342/COM342_L10B.ppt L10B/32/40
VPN
• Enables you to send data between two computers across a shared or public network in a manner that emulates the properties of a point-to-point private link
• Provides a scaleable authentication and encryption solution
• Does require end user configuration and a strong knowledge of VPN technology
• Users must re-authenticate if roaming between VPN servers
07/11/2012 www.eej.ulst.ac.uk/~ian/modules/COM342/COM342_L10B.ppt L10B/33/40
07/11/2012 www.eej.ulst.ac.uk/~ian/modules/COM342/COM342_L10B.ppt L10B/34/40
Secure LAN (SLAN)
• A GPL open-source “VPN” System• Provides server authentication, client authentication, data
privacy, and integrity using per session and per user short life keys
• Simpler and more cost efficient than a VPN• Support for Windows and Linux• Website: http://slan.sourceforge.net/
07/11/2012 www.eej.ulst.ac.uk/~ian/modules/COM342/COM342_L10B.ppt L10B/35/40
SLAN Architecture
07/11/2012 www.eej.ulst.ac.uk/~ian/modules/COM342/COM342_L10B.ppt L10B/36/40
RADIUS
• Several 802.11 access points offer RADIUS authentication
• Clients can gain access to the network by supplying a username and password to a separate server
• This information is securely sent over the network eliminating the possibility of passive snooping
07/11/2012 www.eej.ulst.ac.uk/~ian/modules/COM342/COM342_L10B.ppt L10B/37/40
IPsec• Provides encryption and authentication services at the IP level of the network
protocol stack
• Can be used to secure nearly any type of Internet traffic
• Legacy applications not implementing secure communications can be made secure using IPsec
• Examples:
– Free S/WAN - http://www.freeswan.org/
• IPsec authenticates machines, not users
• IPsec does not stop Denial-of-Service attacks
• IPsec is not true end-to-end security
• IPsec cannot be secure if your system isn’t
IPsec - Disadvantages
07/11/2012 www.eej.ulst.ac.uk/~ian/modules/COM342/COM342_L10B.ppt L10B/38/40
802.1x
• Provides enhanced security for users of 802.11b WLANs
• Provides port-level authentication for any wired or wireless Ethernet client system
• 802.1x was originally designed as a standard for wired Ethernet, but is applicable to WLANs
• It leverages many of the security features used with dial-up networking (RADIUS)
• Also uses Extensible Authentication Protocol (EAP, RFC 2284)
• Built in support in Windows XP
07/11/2012 www.eej.ulst.ac.uk/~ian/modules/COM342/COM342_L10B.ppt L10B/39/40
07/11/2012 www.eej.ulst.ac.uk/~ian/modules/COM342/COM342_L10B.ppt L10B/40/40
SummaryYou do not need to know very much about the preceding slides.
• War driving, what is it.
• Brief knowledge of common key (symmetric cryptography) and private/public key encryption (asymmetric cryptography) Be able to describe the difference between each.
• Public Key repositories; certificates.
• Authentication and encryption, describe what each is and why it is needed
• SSH what is it (no need to know detailed protocol)
• Tunnelling,