L0. Introduction

download L0. Introduction

of 23

  • date post

    25-Feb-2016
  • Category

    Documents

  • view

    33
  • download

    2

Embed Size (px)

description

L0. Introduction. Rocky K. C. Chang , January 2013. The Internet is inherently insecure. Internet backbone infrastructure: DoS , worm Routing protocols (BGP): route hijacking DNS: poisoning, DoS - PowerPoint PPT Presentation

Transcript of L0. Introduction

A Security Primer and Overview of Network Security Protocols

L0. IntroductionRocky K. C. Chang, January 2013The Internet is inherently insecure.2Rocky K. C. ChangInternet backbone infrastructure: DoS, wormRouting protocols (BGP): route hijackingDNS: poisoning, DoSCore Internet protocols (e.g., IP, TCP/UDP, HTTP): eavesdropping, modification, authenticationLAN security: eavesdropping, modification, authenticationHost security (e.g., Web servers, database): DoS, authentication, phishing, malicious software implant, identity and data theft, data exfiltration, etc.Internet security is inherently complex.3Rocky K. C. ChangA packet goes through many hops and links.Involve from the physical layer and up.Physical layer securityNetwork securitySystem securityApplication securityComplexity in software and protocolsSoftware agesSome protocol fields are never tested.The weakest linkThe human factorThe success of Internet makes things worse.Security verses privacy (anonymity)How to measure security?Internet security is more than cryptography.4Rocky K. C. ChangCryptography is not the solution to many security problems, e.g., software exploit, DoS.The vulnerability could come from the implementations of the cryptographic algorithms.Cryptography affects performance.Ease of useSecurity involves 5Rocky K. C. ChangThreats: potential violation of securityPoliciesSecurity policies: trust and access controlConfidentiality policies: The Bell-LaPadula modelIntegrity policies: Clark-Wilson integrity modelHybrid policies: Chinese Wall modelsDesign and implementationIdentity representation, access control lists, information flow, etcEncryption and key managementAuthentication (human, user account, machine, service)Security involves6Rocky K. C. ChangHow to ascertain how well a system meets its security goals?Assurance, system evaluation (TCSEC)Miscellaneous, e.g.,Viruses, worms, software securityAuditingIntrusion detectionSystem securityNetwork securityUser securityThis course is not about7Rocky K. C. ChangCryptography, the art of secret writing,Writing computer viruses and worms,Special techniques of attacking and defending,The lower layer security measures,System security,Biometrics,Application-specific securityThis course is about8Rocky K. C. ChangUnderstand the 3 fundamental cryptographic functions used in network security.Understand the issues involved when applying the cryptographic functions to the network protocols.Understand the main elements in securing todays Internet infrastructure.Exposed to some current Internet security problems.Purposes of network security9Rocky K. C. ChangConfidentiality (or secrecy): Prevent others from reading information shared between two participants.Authentication: Verify someones or somethings identity.Message integrity: Assure that the message received has not be altered since it was generated by a legitimate source.Nonrepudiation: A sender should not be able to falsely deny later that he sent a message.Legitimate (and authorized) usage: Ensure that the network and system resources are properly utilized.Possible threats10Rocky K. C. ChangObtaining information for Secrecy, authenticationModifying information for Authentication, message integrityStealing information for Secrecy, authentication, legitimate usageLying electronically for NonrepudiationBackmail for Secrecy, legitimate usage, message integrityRevenge for Legitimate usage, message integrityTesting for Legitimate usage, message integrityContracted for Secrecy, authentication, legitimate usage, message integrityFun for Secrecy, authentication, legitimate usage, message integrityThe goals of security11Rocky K. C. ChangPrevention: Confidentiality, source authentication, nonrepudiation, and legitimate usageActive countermeasuresDetection:Message authentication, nonrepudiation, and legitimate usageActive and passive countermeasuresRecovery:Legitimate usageRely on the detection.Traceback:Locate the actual attack source(s).

Scope of considerations12Rocky K. C. ChangTwo casesThe secrecy, message integrity, authentication, and nonrepudiation services are provided by some cryptographic functions.Denial-of-service, worms, viruses, etcScope:Concern mainly communication between two parties (group communication security is another important topic).Concern attacks against protocols, not those against cryptographic algorithms or cryptographic techniques used to implement the algorithms.Cryptography13Rocky K. C. ChangPlaintext (encryption) ciphertextCiphertext (decryption) plaintextWhat is the secret?The cryptographic algorithm (restricted algorithm)The cryptographic algorithm is not a secret, but the key is.Level of security the length of the key the time of discovering the key using brute forceThe security problem is reduced to the securing of the key.Types of attacks14Rocky K. C. ChangPassive attacks (eavesdropping), e.g., ciphertext-only attacks (recognizable plaintext attacks)Fred has seen some ciphertext.known-plaintext attacksFred has obtained some pairs.chosen-plaintext attacksFred can choose any plaintext he wants.Active attacks, e.g.,pretend to be someone elseintroduce new messages in the protocoldelete existing messagessubstituting one message for anotherreplay old messagesThree cryptographic functionsHash functions: require 0 keySecret key functions: require 1 keyPublic key functions: require 2 keys

15Rocky K. C. Chang15Secret key (symmetric) cryptography16Rocky K. C. ChangGiven:Alice and Bob agree on a secret key cryptosystem.Alice and Bob agree on a key (secret) K.Encryption and decryption using the key.Alice encrypts M with K: K{M} Bob decrypts K{M} with K MProblems:Keys must be distributed in secret.Compromising keys means compromising all aspects of security.The number of keys is not scalable to the user population size.Usages of the secret key cryptographyTransmitting over an insecure channelSecure storage on insecure mediaAuthentication:Challenge-response authentication with shared secret

Message integrity check

17Rocky K. C. ChangPublic key (asymmetric) cryptography18Rocky K. C. ChangGiven:Alice and Bob agree on a public key cryptosystem.Alice owns a pair of public key and private key, and Bob knows Alices public key, which is not a secret.Encryption using the public key and decryption using the private key. Alice encrypts M with Bobs public key: {M}BobBob decrypts {M}Bob with its private key MGenerate a digital signature on a message:Alice signs M with its private key: [M]Alice.Bob verifies Alices signature on [M]Alice with Alices public key.Usages of the public key cryptographyProblems:Public-key algorithms are slow. Secret key algorithms are at least 1,000 times faster.Obtain the public key reliably.Usages:Transmitting over an insecure channelSecure storage on insecure media (difference as compared with the secret key cryptography?)Authentication:

Nonrepudiation with the digital signatures.

19Rocky K. C. ChangHash functions20Rocky K. C. ChangA hash (message digest or one-way function) produces a short, fixed-sized output h(m) for a message m.Properties:One-way functions are relatively easy to compute, i.e., given x and compute h(x).However, given h(x), it is significantly harder to compute x.It is computationally infeasible to find two inputs that hash to the same value.

Usages of hash functions21Rocky K. C. ChangPassword hashingMessage integrityKeyed hash: compute h(message | key) and send the result with the message.Message fingerprintingDownline load securityDigital signature efficiencySecuring the Internet22Rocky K. C. ChangIP Security (IPSec)TCP and UDP insecuritySSL/TLSDNS securityFirewallsDoS attacks and the countermeasuresBuffer overflow attacks and the countermeasuresWireless LAN securityAcknowledgments23Rocky K. C. ChangThis set of notes is based onC. Kaufman, R. Perlman, and M. Speciner, Network Security: Private Communication in Public World, Second Edition, Prentice Hall PTR, 2002.L. Peterson and B. Davie, Computer Networks: A Systems Approach, Morgan Kaufmann, 2000.B. Schneier. Applied Cryptography, Second Edition, Wiley, 1996.M. Bishop, Introduction to Computer Security, Addison Wesley, 2005.

Secret key functionsPublic key functionsHash functionsSecrecy serviceAuthentication serviceMessage integrity serviceNonrepudiation servicerA

rB encrypted with K

rA encrypted with K

rB

AliceBobr encrypted with Bobs public key

decrypted with Bobs private key

AliceBob