Secure communications Week 10 – Lecture 2. To summarise yesterday Security is a system issue...
-
date post
20-Dec-2015 -
Category
Documents
-
view
215 -
download
0
Transcript of Secure communications Week 10 – Lecture 2. To summarise yesterday Security is a system issue...
To summarise yesterday
• Security is a system issue• Technology and security specialists are part of the
system• Users from inside the organisation are usually the
biggest risk – they have the motivation• As systems architect – you are responsible• The system has to be designed to protect itself –
user profiles, database views etc.
Are Networks a risk?
• Yes• Two main areas where an intruder can listen
passively• Within a collision zone on the LAN – a “sniffer”
can look at all datagrams passing the NIC not just datagrams addressed to it
• At a router – much more difficult
• Internet• More difficult to read – sniff
• Easier to write – spoof - pretend to be someone else
Firewalls
• Routers as packet filters
• Application level firewalls - proxy
InternalNetwork
Outside worldRouter
Application
Firewalls
But there may be other connections to the outside world
Routers as Firewalls
• A Router is usually the connection to the outside world
• Routers can check all packets• Source & destination addresses
• Protocol – eg TCP UDP
• Port number – application eg Telnet
• Little intelligence – work quickly• Use NAT to hide topology of the internal network
Application firewalls
• Mail servers & Internet proxy servers are examples
• Higher level of intelligence
• Can implement most security policies e.g. could limit WEB requests from Purchasing to between 8:00am and 6:00pm
• Has logging & auditing capabilities
• Slows throughput but as a caching device can also speed up WEB access
• Application specific
Secure communications
• Secrecy – only the two parties should understand the messages
• Authentication – each party should know the messages are from the right person
• Message integrity – the messages must not be able to be changed
Secrecy - encryption
• Encryption has been around for centuries• It used to be reliant on keeping the algorithm
secret• But computers make it easier to encrypt and to
break the code• Early computer development was made by code
breakers during WW2 – Enigma - Turing at Bletchley Park
Four elements to encryption
• The Original or plain text• An Encryption method – the algorithm is common
and normally well known – a transformation method
• The Key – many locks are the same but the key is different. The key must be secret to the parties.
• The Encrypted text
Attacks on algorithms
• Brute force is too difficult
• Plain text attacks is more useful if you know– The algorithm– The encrypted text and the– Plain text (remember Enigma)
Common security protocols
• IPsec for IP traffic across the Internet – VPNs• SSL – Secure Socket Layer – secures WWW
connections• PGP – Pretty Good Privacy and S/MIME secure
email• SET secures Internet financial transactions
These protocols may use different algorithms for encryption and Digital signatures
Protocols use 6 basic tools
• Symmetric encryption
• Public key encryption
• One way hash codes
• Message authentication schemes
• Digital signature schemes
• Random number generators
Two types of key
• Symmetric key – each party has the same key and thus must be kept secret
• Asymmetric or public keys – • the writer uses a public key to encrypt, but this
cannot decrypt, thus it can be public knowledge
• The reader has a private key to decrypt. This must be kept secret
Bob generates two keys- he gives the public key to any one who wants it - Bob keeps the private key
Alice et al
Alice sends Bob a messageEncrypted with HIS public key
No one can decrypt the Message with the public key
Bob however is the only Person to have the privateKey, and thus only he can Decrypt the message
Bob
DES – Data Encryption Standard
• Symmetric key• Developed by US National Bureau of Standards• Uses a 56 bit key (triple DES 112 bits)• In 2000 it took a network of computers 22 hours
to break the key• Good enough for most of us.
RSA Algorithm
• Asymmetric key method
• Recommends a key length of 768 bits or greater
• Asymmetric encryption takes 1000 more CPU time
• Usually used in combination with DES• Alice wants to talk to Bob
• Alice sends a DES key for the session to Bob, encrypted using his public RSA key
• Only Bob can decrypt the session key
• It is then used for the session
• Kurose page 571 for details on these methods
Using the hybrid approach is usual
• It is normal in all security protocols– PGP– S/MIME– Etc
• The protocol generates a session key using a random number generator
• This is encrypted using the receiver’s public key and sent to the other party
• The symmetric key is then used to encrypt the session
Authentication
• If Alice sends a message to Bob, how does he know it is Alice?
• Alice’s IP address – but can be spoofed
• Use a special password – but even if encrypted it can be used in playback mode
• Use of a random number or nonce
Authentication by Nonce
• Alice sends Hi to Bob
• Bob sends back a “nonce” in plain text
• Alice encrypts the nonce with their symmetric key
• Bob decrypts and compares it to the number he sent
Message integrity
• The digital world need some way of knowing that a message came from the specified person, has not been changed, and that the writer cannot repudiate the message
• One characteristic of the RSA method is that it also works in reverse. If Bob encrypts a message using his private key, then it can be decrypted by a person having the public key
• Thus one knows• It came from Bob
• It has not been changed
Message Digest
• Use of the RSA key might be overkill for large documents
• Can calculate a fingerprint (like a hash total) that will prove the message has not been changed
• This fingerprint is then encrypted with the author’s private key
• Holders of the author’s public key can then know that the message came from the author and has not been changed
Key Distribution Centres
• Trusted intermediary - Verisign
• Can be authorised to distribute shared private keys, or a person’s public key