1 Network Security r Understand principles of network security: m Cryptography and its many uses...
-
Upload
lewis-stephens -
Category
Documents
-
view
218 -
download
1
Transcript of 1 Network Security r Understand principles of network security: m Cryptography and its many uses...
1
Network Security Understand principles of network security:
Cryptography and its many uses beyond “confidentiality”.
Authentication. Message integrity Non-repudiation Key distribution.
Security in practice: Firewalls Security and protocols in application, transport,
network, and link layers (NAT, IPSec, SSL, Kerberos, etc)
2
Security in network layers
3
Common Security Attacks Packet sniffing: To gain access to cleartext network data and
passwords
Impersonation: To gain unauthorized access to data or to create unauthorized e-mails by impersonating an authorized entity
Denial-of-service: To render network resources non-functional
Replay of messages: To gain access to information and change it in transit
Guessing of keys: To gain access to encrypted data and passwords (brute-force attack)
Port scanning: To discover potential available attack points
4
What is Network Security?
Confidentiality: only sender, intended receiver should “understand” message contents
Authentication: sender, receiver want to confirm identity of each other
Message Integrity: sender, receiver want to ensure message not altered without detection
Non-Repudiation: being able to prove that the sender did send the message
5
A Security Example: Alice, Bob, Trudy
Alice and Bob want to communicate “securely”. Trudy (intruder) may intercept, delete, add
messages, and so on to disrupt their communications.
6
Who Might Alice and Bob Be?
Users
Web browser/server for electronic transactions (e.g., on-line purchases)
On-line banking client/server
DNS servers
Routers exchanging routing table updates
7
Cryptography Definitions
Encryption is a process by which a message (called plaintext) is transformed into another message (called ciphertext) using a mathematical function and a special encryption password (called a key).
Decryption is the reverse process
8
Cryptography Definitions
plaintext plaintextciphertext
KA
encryptionalgorithm
decryption algorithm
Alice’s encryptionkey
Bob’s decryptionkey
KB
9
Symmetric (Secret) Key Cryptography
Same key decrypts and encrypts information.
The encryption functions used need not be secret, but the keys used must be secret
Sender and receiver must agree on the key before secured communication starts
The encryption and decryption functions used can be the same or different.
10
Symmetric Key Cryptography: Key Issues
Symmetric key cryptography: Bob and Alice share the same (symmetric) key: K
Question: How is the agreed upon key distributed to both Bob and Alice in a secure fashion?
plaintextciphertext
KA-B
encryptionalgorithm
decryption algorithm
KA-B
plaintextmessage, m
K (m)A-B
K (m)A-Bm = K ( )
A-B
11
Symmetric Key Cryptography: DES
DES: Data Encryption Standard US encryption standard 56-bit symmetric key, 64-bit plaintext input
AES: Advanced Encryption Standard Newer (November 2001) symmetric key replacing
DES. 128, 192, or 256 bit keys, 128-bit plaintext input Brute force decryption (trying each key) would take 1
second on DES, but would take 149 trillion years for AES.
IDEA: International Data Encryption Algorithm 64-bit input, 128-bit keys Stronger, more efficient than DES.
12
Public Key Cryptography
Symmetric key cryptography
Requires both the sender and receiver to know the shared secret key.
Question: how do they agree on the key in the first place (particularly if they have never “met”)?
Public key cryptography
Sender and receiver do not share secret key.
Public encryption key known to all.
Private decryption key known only by the owner.
13
Public (Assymetric) Key Cryptography
Keys are generated in pairs. Public key is publicly registered so everyone
knows it, and private one is kept secret by the owner.
Each key can decrypt what the other encrypts, but not what it encrypts itself.
Important properties of key generation: There is a one-to-one correspondence in the
generated key pairs – if one key can decrypt a message, it must have been encrypted by the other.
It must be extremely difficult, if not impossible, to deduce the private key when given a public key.
14
Public Key Cryptography
plaintextmessage, m
ciphertextencryptionalgorithm
decryption algorithm
Bob’s public key
plaintextmessageK (m)
B+
K B+
Bob’s privatekey
K B-
m = K (K (m))B+
B-
15
Public Key Encryption Algorithms
Diffie-Hellman: the first public key approach proposed.
RSA: the best known public key system, developed by Rivest, Shamir, and Adleman (hence RSA).
DSA: Digital Signature Algorithm, developed by the U.S. National Security Agency (NSA).
16
Symmetric vs. Public Key Cryptography
Which method provides stronger security?
Which method is more convenient?
Which method performs better?
Ideally, we would like to combine the strengths of symmetric and public key cryptography, and avoid their weaknesses: We want the efficiency of symmetric cryptography
combined with the ease of use and convenience of public key cryptography.
17
Hybrid Secret-Public Key Cryptography
When two parties want to communicate securely, public key cryptography is used to exchange a random symmetric session key.
To communicate, symmetric cryptography is used with the session key.
When done, both parties destroy the session key.
18
Hash functions/Message Digests
Message digest is a special kind of checksum produced using cryptographic means.
Typically produced from a one-way hash function that is difficult to reverse or predict.
This function takes the entire input and reduces it to a small value of fixed length, typically 128 to 512 bits in length.
Must be collision-resistant: must be difficult for 2 messages to produce the same digest
Encrypted hash (MAC) is used to ensure authentication and integrity
19
Message Digests: Hash Function Algorithms
MD5 hash function widely used SHA-1 is also used. Issues in both MD5 and SHA-1 have been found
in recent years though These algorithms are now being phased out
morequickly in favour of other, newer approaches like SHA-2.
20
Authentication and Integrity
Authentication is the process of proving one’s identity to someone else.
There are three main ways of authenticatingan individual: Something you know Something you own Something you are
Message integrity: ensuring that a message not altered without detection.
21
Digital Signatures
We would like to have a cryptographic technique analogous to hand-written signatures.
This digital signature is verifiable and not forgeable: recipient (Alice) can prove to someone that Bob, and no one else (including Alice), must have signed the document.
Hash encrypted by a private key is a digital signature that is then attached to the original message
By signing only the digest, we have the same level of security, as the digest is tied to the message, with less encryption and decryption overhead.
22
large message
mH: Hashfunction H(m)
digitalsignature(encrypt)
Bob’s private
key K B-
+
Bob sends digitally signed message:
KB(H(m))-
encrypted msg digest
Signed Message Digests as Digital Signatures
23
large message
mH: Hashfunction H(m)
digitalsignature(encrypt)
Bob’s private
key K B-
+
Bob sends digitally signed message:
Alice verifies signature and integrity of digitally signed message:
KB(H(m))-
encrypted msg digest
KB(H(m))-
encrypted msg digest
large message
m
H: Hashfunction
H(m)
digitalsignature(decrypt)
H(m)
Bob’s public
key K B+
equal ?
Signed Message Digests as Digital Signatures
24
Certification Authorities
With public key cryptography there’s a danger of a “man-in-the-middle attacks”
How do we make sure that a particular public key belongs to a certain entity?
How can we avoid impersonation?
The International Telecommunication Union (ITU) specifies an authentication service and specific syntax for certificates in X.509.
25
Certification Authorities
Certification Authority (CA): binds a public key to particular entity, E.
E (person, router) registers its public key with CA. E provides “proof of identity” to CA. CA creates certificate binding E to its public key. Certificate containing E’s public key digitally signed
by CA – CA says “this is E’s public key”Bob’s public
key K B+
Bob’s identifying informatio
n
digitalsignature(encrypt)
CA private
key K CA-
K B+
certificate for Bob’s public
key, signed by CA
26
Certification Authorities
When Alice wants Bob’s public key: Gets Bob’s certificate (Bob or elsewhere). Apply CA’s public key to Bob’s certificate,
get Bob’s public key.
Bob’s public
key K B+
digitalsignature(decrypt)
CA public
key K CA+
K B+
27
Firewalls
isolates an organization’s internal network from a larger external network, allowing some packets to pass, blocking others
firewall
28
Packet Filtering FirewallsAll incoming and outgoing packets are examined according to some parameters (such as source/destinations IP address and/or port number)
29
Application Layer Gateway/Firewalls
An application gateway (proxy) is an application-specific server through which all application data (inbound and outbound) must pass.
30
IPsec: Network Layer Security
Network-layer secrecy: Sending host encrypts the
data in IP datagram. TCP and UDP segments;
ICMP and SNMP messages.
Network-layer authentication Destination host can
authenticate source IP addresses.
Two principle protocols: Authentication header
(AH) protocol Encapsulation security
payload (ESP) protocol
For both AH and ESP protocols, the source and destination handshake: Create network-layer
logical channel called a security association (SA).
31
Authentication Header (AH) Protocol
Provides source authentication, data integrity, but not confidentiality.
AH header inserted between IP header, data field.
IP header data (e.g., TCP, UDP segment)AH header
32
Encapsulation Security Payload (ESP) Protocol
Provides secrecy, host authentication, and data integrity.
Packet data and the ESP trailer are encrypted.
IP header TCP/UDP segmentESP
headerESP
trailerESP
authent.
encryptedauthenticated
33
Secure Sockets Layer (SSL)
Transport layer security to any TCP-based application using SSL services.
Used between Web browsers, servers for e-commerce (shttp).
Security services: Server authentication. Data encryption. Client authentication
(optional).
Server authentication: SSL-enabled browser
includes public keys for trusted CAs.
Browser requests server certificate, issued by trusted CA.
Browser uses CA’s public key to extract server’s public key from certificate.
34
SSL (Continued)
Encrypted SSL session: Browser generates
symmetric session key, encrypts it with server’s public key, sends encrypted key to server.
Using private key, server decrypts session key.
Only the browser and server know session key. All data sent into TCP
socket (by client or server) encrypted with session key.
SSL can be used for non-Web applications, e.g., IMAP.
Client authentication can be done with client certificates which have also been issued by CAs.
SSL serves as a basis for TLS protocol
35
VPN A virtual private network is an extension of an
enterprise's private intranet across a public network such as the Internet, creating a secure private connection, through a private tunnel.
36
Kerberos
an encryption-based security system that provides mutual authentication between the users and the servers in a network environment.
Authorization can be implemented independently from the authentication
a ticket-granting server (key distribution center) acts as a mutually trusted third party
37
Key Distribution Centers (KDCs)
Alice, Bob need shared symmetric key. KDC: server shares different secret key with each
registered user (many users). Alice, Bob know own their symmetric keys, KA-KDC
and KB-KDC , for communicating with KDC.
KB-KDC
KX-KDC
KY-KDC
KZ-KDC
KP-KDCKB-KDC
KA-KDC
KA-KDC
KDC
38
Key Distribution Centers (KDCs)
Aliceknows
R1
Bob knows to use R1 to communicate with Alice
Alice and Bob communicate: using R1 as session key for shared symmetric
encryption
Q: How does KDC allow Bob, Alice to determine shared symmetric secret key to communicate with each other?
KDC generate
s R1
KB-KDC(A,R1)
KA-KDC(A,B)
KA-KDC(R1, KB-KDC(A,R1) )