Network security - PowerPoint PPT Presentation

1 / 90
About This Presentation
Title:

Network security

Description:

'bob, I love you. Alice' = 'ere, l oryth brx. dolfh' Take letter in plaintext message ... Repeated Squaring: calculate y = x e mod n. int repeatsquare( int x, ... – PowerPoint PPT presentation

Number of Views:110
Avg rating:3.0/5.0
Slides: 91
Provided by: mass6
Category:

less

Transcript and Presenter's Notes

Title: Network security


1
Network security
  • Foundations
  • what is security?
  • cryptography
  • authentication
  • message integrity
  • key distribution and certification
  • Security in practice
  • application layer secure e-mail
  • transport layer Internet commerce, SSL, SET
  • network layer IP security

2
Network Security
Network Entities Friends and Enemies
Insecure medium
  • well-known in network security world
  • Bob, Alice want to communicate 'securely'
  • Trudy, the intruder may intercept, delete, add
    messages

Routers exchange tables
Email applications exchange secure emails
Client-server establish secure transport
connection
3
What is network security?
DESIRABLE PROPERTIES OF SECURE CONNECTION
  • Secrecy only sender, intended receiver should
    understand message contents
  • sender encrypts messages
  • receiver decrypts messages
  • Authentication sender, receiver want to confirm
    identity of each other
  • Message Integrity sender, receiver want to be
    sure message did not get altered (in transit), or
    get altered without detection

1
2
3
4
What is network security?
DESIRABLE PROPERTIES OF SECURE CONNECTION
  • Availability and Access Control
  • communication can occur in the first place
  • Prevent Denial-of-Service attacks (DoS)
  • ensures network entities can gain access to
    resources if they have access rights and perform
    accesses in a well-defined manner
  • Firewall controls access to and from the
    network by regulating which packet can pass into
    and out of the network

4
5
Network Security
CYCLE IN ACHIEVING NETWORK SECURITY
  • Protect network communication and network
    resources
  • Detect breaches of secure communication
    attacks on infrastructure
  • Respond deployment of additional protection
    mechanisms

1
2
3
6
Internet security threats
Sniffer tool for capturing packets sent across
wire/air
  • Packet sniffing
  • broadcast media (remember CSMA/CD protocol)
  • promiscuous NIC reads all packets passing by
  • can read all unencrypted data (e.g. passwords)
  • e.g. C sniffs B's packets

C
A
B
e.g. TCPDump, Snoop, Snort, Ethereal
7
Ethereal
Ethereal is used by network professionals around
the world for troubleshooting, analysis, software
and protocol development, and education. It runs
on all popular computing platforms, including
Unix, Linux, and Windows.
http//www.ethereal.com/
8
Ethereal
An adapter could be set to listen in promiscuous
mode.
Lets see a sample capture file from Ethereal
9
Internet security threats
Spoofing providing false information about your
identity in order to gain unauthorized access to
systems
  • IP Spoofing
  • can generate raw IP packets directly from
    application, putting any value into IP source
    address field
  • receiver can't tell if source is spoofed
  • e.g. C pretends to be B

C
A
B
10
Internet security threats
Attack to reduce ability to service clients by
overloading target
  • Denial of service (DOS)
  • flood of maliciously generated packets swamp
    receiver
  • Distributed DOS (DDOS) multiple coordinated
    sources swamp receiver
  • e.g., C and remote host SYN-attack A

C
A
B
11
DoS
Exploits basic weakness of TCP/IP Protocol
Recall
  • Attacker sends thousands and thousands of SYN
    packets to the victim
  • Victim is forced to wait for replies that would
    never come.
  • While the host is waiting for so many replies,
    it cannot accept any legitimate requests, so it
    becomes unavailable

12
The language of cryptography
Figure 7.3 goes here
  • symmetric key crypto sender, receiver keys
    identical
  • public-key crypto encrypt key public, decrypt
    key secret

13
Cryptography
From Alice to Bob (SENDER)
Key KA Plaintext Message m
Ciphertext KA(m)
Encryption Algorithm
Bobs side (RECEIVER)
Encrypted Message KA key KB
Decryption Algorithm
Plaintext m
KB(KA(m))
Symmetric key systems KAKB, kept secret
Public key systems 1 key known to the world
other key known only
by Alice or Bob (but not both)
14
Ceasar Cipher
Substitution of letters with an offset of k for
all letters
  • Take letter in plaintext message
  • Substitute with letter that is k letter later
    allowing wrap around (i.e. z followed by a)
  • Example k3

a b c d e f g h I j k l m n o p q r s t u v w x y
z
a becomes d
offset
b becomes e
bob, I love you. Alice gt ere, l oryth brx.
dolfh
Limits
There are only 25 possible key values.
Easy to break if the cipher algorithm is known to
be a Ceasar Cipher.
15
Monoalphabetic Cipher
Substitution of letters without any regular
pattern
  • Any letter can be substituted with any other
    letter, as long as each letter has a unique
    substitute letter, and vice-versa

plaintext abcdefghijklmnopqrstuvwxyz
ciphertext mnbvcxzasdfghjklpoiuytrewq
E.g.
Plaintext bob. i love you. alice
ciphertext nkn. s gktc wky. mgsbc
Q How hard to break this simple cipher?
Better than Ceasars cipher in that there are 26!
(on the order of 1026) Possible pairings of
letters
16
Monoalphabetic Cipher
Substitution of letters without any regular
pattern
  • Any letter can be substituted with any other
    letter, as long as each letter has a unique
    substitute letter, and vice-versa

9 of letter occurrences
e and t are the most frequently occurring
letters in English
13 of letter occurrences
Two- and three-letter occurrences of letters
appear quite often together (e.g. in, it,
the, ion, ing, etc.)
If intruder has some knowledge about possible
contents of the message, code is even easier to
break
17
Polylphabetic Cipher
Multiple monoalphabetic ciphers for different
character positions in plaintext message
  • Example Combination of (Repeating) Ceasar
    Ciphers could be used

Let C1 be a Ceasar Cipher with k5
Let C2 be a Ceasar Cipher with k19
Pattern of application C1,C2,C2,C1,C2
Plaintext a b c d e f g h i j k l m n o p q r
s t u v w x y z
C1(k5) f g h i j k l m n o p q r s t u v w x
y z a b c d e
C2(k19) t u v w x y z a b c d e f g h i j k l
m n o p q r s
18
Polylphabetic Cipher
Multiple monoalphabetic ciphers for different
character positions in plaintext message
  • Example Combination of (Repeating) Ceasar
    Ciphers could be used

Let C1 be a Ceasar Cipher with k5
Let C2 be a Ceasar Cipher with k19
Pattern of application C1,C2,C2,C1,C2
Plaintext bob.
E.g.
ciphertext ghu.
Encryption Decryption Keys
Knowledge of two Ceasar keys k5, k19 Pattern
C1,C2,C2,C1,C2
19
Symmetric key crypto DES
  • DES Data Encryption Standard
  • US encryption standard NBS 1977, NIST 1993
  • For commercial and non-classified US government
    use
  • 56-bit symmetric key, 64 bit plain text input

GOAL
Completely scramble data and key so that every
bit of ciphertext depends on every bit of data
and every bit of the key.. With a good algorithm,
there should be no correlation between the
ciphertext and either the original data or key.
20
Symmetric key crypto DES
  • initial permutation
  • 16 identical 'rounds' of function application,
    each using different 48 bits of key
  • final permutation
  • For encrypting longer messages use cipher-block
    chaining

21
Symmetric key crypto DES
  • How secure is DES?
  • 97 DES Challenge 56-bit-key-encrypted phrase
    ('Strong cryptography makes the world a safer
    place') decrypted (brute force) in 4 months
  • After testing a quarter of the key space 18
    quadrillion keys
  • no known backdoor decryption approach
  • making DES more secure
  • use three keys sequentially (3-DES) on each datum
  • Successor to DES (2001) AES Advanced Encryption
    Standard
  • 128-bit block data processing keys 128,192,256
    bits long
  • A machine that could crack 56-bit DES in one sec.
    (i.e. 255 per second) would approx. take 149
    trillion years to crack a 128-bit AES key

22
Public Key Cryptography
Is it possible to communicate with encryption
without having a shared secret key known in
advance?
  • symmetric key crypto
  • requires sender, receiver know shared secret key
  • Q how to agree on key in first place
    (particularly if never met)?
  • Typical problem in the Internet
  • public key cryptography
  • radically different approach Diffie-Hellman76,
    RSA78
  • sender, receiver do not share a secret key
  • encryption key public (known to all)
  • decryption key private (known only to receiver)

23
Public key cryptography
  • Figure 7.7 goes here

24
Public key encryption algorithms
Two inter-related requirements
.
.
  • need d ( ) and e ( ) such that

B
B
RSA Rivest, Shamir, Adleman algorithm
25
RSA Choosing keys
1. Choose two large prime numbers p, q.
(e.g., 1024 bits each)
2. Compute n pq, z (p-1)(q-1)
3. Choose e (with e lt n) that has no common
factors with z. (e, z are 'relatively prime').
4. Choose d such that ed-1 is exactly divisible
by z. (in other words ed mod z 1 ).
5. Public key is (n,e). Private key is (n,d).
In mathematics, a prime number (or a prime) is a
natural number that has exactly two (distinct)
natural number divisors, which are 1 and the
prime number itself. The first 30 prime numbers
are 2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37,
41, 43, 47, 53, 59, 61, 67, 71, 73, 79, 83, 89,
97, 101, 103, 107, 109, and 113
26
RSA Encryption, decryption
0. Given (n,e) and (n,d) as computed above
2. To decrypt received bit pattern, c, compute
d
(i.e., remainder when c is divided by n)
Magic happens!
27
RSA example
Bob chooses p5, q7. Then n35, z24.
e5 (so e, z relatively prime). d29 (so ed-1
exactly divisible by z.
e
m
m
letter
encrypt
l
12
248832
17
c
letter
decrypt

17
12
l

481968572106750915091411825223072000 - too big !!
(int type)
28
How to solve this problem
Cd1729 break it into powers that are multiples
of 2. 17291716 .178 .174. 17 174 mod 35 11
hence 174 mod 35 11 mod 35, So 11 can
substitute 174, 178, and 1716 in the
expression 1729 mod 35 114 . 112 . 11 . 17 mod
35 Also 112 mod 35 17 1729 mod 35 172 . 17 .
11 . 17 mod 35 This is equivalent to calculating
x, y and z as follows x n4 mod 35 y x2 mod
35 z y2 mod 35 m z . y . x . c mod 35
(smaller !!) Alternatively use a similar
method to the one used in CRC. Remember that
(c.c.c) mod n (c.c) (c mod n) .

29
How to solve this problem
Repeated Squaring calculate y x e mod n int
repeatsquare( int x, int e, int n)
y1//initialize y to 1, very
important while (e gt 0) if (( e 2 ) 0)
x (xx) n e e/2 else y
(xy) n e e-1 return y //the
result is stored in y

Lets see the program in action!
30
RSA Why
(using number theory result above)
(since we chose ed to be divisible by (p-1)(q-1)
with remainder 1 )
31
RSAhow strong is it??
  • RSA Challenges
  • Prize offered to anyone who can break an RSA key
    of a certain size
  • (See www.rsasecurity.com/rsalabs )
  • US200,000.00 for whoever solves a 2048 bits
    factorization problem. No one claimed the prize
    so far...
  • Last challenge solved
  • RSA-576 10,000 Factored in 2003 by J. Franke et
    al.
  • Using a powerful parallel machine and very clever
    algorithms
  • Currently RSA-1024 is commonly used in practice
  • RSA key's size matters, see next...

32
RSAhow strong is it??
  • Common sense calculation
  • Brute force factorization
  • Try all the prime number P that are smaller than
    the Key
  • When Key mod P 0 then found the factors
  • How long can it take depends on the RSA key size
  • Suppose we have a key of 200 bits and the factors
    are approximately of the same order of digits
  • Each key will have 10100 trial divisions to do
  • A 1Gflops machine could do 109 trials per second
  • Say we have 109 machines in a cluster (massively
    parallel mach.)
  • As we have only 108 seconds/year, it would take
  • 1074 years !!!
  • Remember that the Earth is 109 years old

33
RSAhow to implement it?
  • A simplistic approach
  • Translate each byte to a decimal number
  • Use the RSA algorithm for each character
  • Problem 1 only a few possible numbers will be
    used
  • e.g., 256 possible characters may be mapped into
    non-existing character if the key is large
  • Problem 2 easy to break encryption due to
    language characteristics
  • e.g., English uses double character such as 'll',
    'rr' etc.
  • A 'dictionary' attack could decrypt the message
    without ever finding the factorization
  • In practice the string becomes a large binary
    number...

34
END OF SESSION
35
Authentication
Process of proving ones identity to someone else
over a network
  • live party (often routers, client-server
    processes)
  • Cannot rely on biometric information
  • Must be done solely on the basis of messages and
    data exchanged
  • Must be performed before other protocols
  • E.g.
  • Reliable data transfer protocol
  • Routing information exchange protocol
  • E-mail protocol

Lets see stepwise evolution of a design of an
authentication protocol (ap)
Next
36
Authentication
  • Goal Bob wants Alice to prove her identity to him

Protocol ap1.0 Alice says ''I am Alice''
Failure scenario??
37
Authentication using IP
Protocol ap2.0 Alice says ''I am Alice'' and
sends her IP address along to prove it.
Failure scenario??
Create an Operating system kernel that sends an
IP datagram using Alices IP address
Not unless first-hop router of Trudy would
prevent it
38
Authentication Secret Password
Protocol ap3.0 Alice says ''I am Alice'' and
sends her secret password to prove it.
Failure scenario?
Passwords are sent as cleartext for some
applications (e.g. Telnet). Within the same LAN,
it can be sniffed
Ethereal
39
Authentication Encrypted Secret Password
Protocol ap3.1 Alice says ''I am Alice'' and
sends her encrypted secret password to prove it.
Assumption Symmetric key cryptography is
employed
Shared Secret key
Failure scenario?
Playback attack record encrypted password,
playback encrypted password version to Bob to
pretend that she is Alice
Password is not learned by Trudy
Pitfall same password is used over and over
again.
40
Playback Attack
How to solve it?
Failure Scenario
Bob cannot distinguish between the original
authentication and its playback version
Countermeasures
Use a different password each time
  • use a sequence of passwords or password
    generator (could be a number)
  • apply encryption algorithm to each password

Bob knows Alice is indeed sending the datagram,
because she knows the secret encryption key, and
she is sending it live
41
Authentication Sequence of Encrypted Secret
Passwords
Nonce Symmetric key Cryptography (Shared Secret
Key)
Goal avoid playback attack
Nonce number (R) used only once in a lifetime
ap4.0 to prove Alice is live, Bob sends Alice
nonce, R. Alice must return R, encrypted with
shared secret key
Figure 7.11 goes here
Failures, drawbacks?
42
Authentication ap5.0
Ap5.0 Nonce Public key cryptography
  • ap4.0 requires shared symmetric key
  • problem how do Bob, Alice agree on key
  • can we authenticate using public key techniques?

Problem Trudy may be able to impersonate Alice
Figure 7.12 goes here
Note eA(dA(R)) dA(eA(R)) R
Trudy
Eventually, Alice Bob may find together that
someone else was interacting with Bob.
43
ap5.0 security hole
  • Man (woman)-in-the-middle attack Trudy poses as
    Alice (to Bob) and as Bob (to Alice)

Alice is happy to receive encrypted message using
her own public key
Bob is happy to send encrypted data
Figure 7.14 goes here
Need 'certified' public keys (more later )
Alice Bob may never know that Trudy was there
all along.
44
Digital Signatures
  • Cryptographic technique analogous to hand-written
    signatures.
  • Sender (Bob) digitally signs document,
    establishing he is document owner/creator.
  • Verifiable, non-forgeable recipient (Alice) can
    verify that Bob, and no one else, signed document.
  • Simple digital signature for message m
  • Bob encrypts m with his public key dB, creating
    signed message, dB(m).
  • Bob sends m and dB(m) to Alice.

45
Digital Signatures (more)
  • Suppose Alice receives msg m, and digital
    signature dB(m)
  • Alice verifies m signed by Bob by applying Bobs
    public key eB to dB(m) then checks eB(dB(m) )
    m.
  • If eB(dB(m) ) m, whoever signed m must have
    used Bob's private key.
  • Alice thus verifies that
  • Bob signed m.
  • No one else signed m.
  • Bob signed m and not m.
  • Non-repudiation
  • Alice can take m, and signature dB(m) to court
    and prove that Bob signed m.

46
Message Digests
  • Computationally expensive to public-key-encrypt
    long messages
  • Goal fixed-length,easy to compute digital
    signature, 'fingerprint'
  • apply hash function H to m, get fixed size
    message digest, H(m).
  • Hash function properties
  • Many-to-1
  • Produces fixed-size msg digest (fingerprint)
  • Given message digest x, computationally
    infeasible to find m such that x H(m)
  • computationally infeasible to find any two
    messages m and m' such that H(m) H(m').

47
Digital signature Signed message digest
  • Bob sends digitally signed message
  • Alice verifies signature and integrity of
    digitally signed message

48
Hash Function Algorithms
  • MD5 hash function widely used (RFC1321 with
    code).
  • Computes 128-bit message digest in 4-step
    process.
  • For any arbitrary 128-bit message digest x, it
    appears difficult to construct msg m whose MD5
    hash is equal to x.
  • SHA-1 is also used.
  • US federal standard
  • 160-bit message digest
  • Internet checksum would make a poor message
    digest.
  • Too easy to find two messages with same checksum.
  • Even using a 128-bit CRC it would be easy to find
    a second message to fit to the CRC

49
Hash Function Algorithms
  • MD5
  • Try that using md5sum command in Linux ...
  • MD5 is a very reliable way to fingerprint a file
  • From rfc1321 (with code) ...The MD5 algorithm
    takes as input a message of arbitrary length and
    produces as output a 128-bit "fingerprint" or
    "message digest" of the input. It is conjectured
    that it is computationally infeasible to produce
    two messages having the same message digest, or
    to produce any message having a given
    pre-specified target message digest.

Difficulty of coming up with any two messages
with same message digests order of 264
operations.
Given a message digest, the difficulty of coming
up with any message with the same message digest
is in the order of 2128 operations.
50
Trusted Intermediaries
  • Problem
  • How do two entities establish shared secret key
    over network?
  • Solution
  • trusted key distribution centre (KDC) acting as
    intermediary between entities
  • Problem
  • When Alice obtains Bob's public key (from web
    site, e-mail, diskette), how does she know it is
    Bob's public key, not Trudy's?
  • Solution
  • trusted certification authority (CA)

51
Kerberos
  • Authentication service developed at MIT (RFC
    1510)
  • Uses symmetric key encryption key distribution
    center
  • Variations extensions to KDC

Authentication Server (AS)
Plays the role of the KDC
Repository of secret keys of all users
Repository of users access privileges indicating
which service the user has access to, and on
which network servers
52
Key Distribution Center (KDC)
How can Alice Bob get a shared symmetric key in
a secured way?
expiration time
  • Alice,Bob need shared symmetric key.
  • KDC server shares different secret key with each
    registered user.
  • Alice, Bob know own symmetric keys, KA-KDC KB-KDC
    , for communicating with KDC.

R1-encrypted time-stamp (nonce)
Bob a Server to which Alice a user
KDC uses the appropriate private user secret key
to communicate with them.
53
Key Distribution Center (KDC)
54
Certification Authorities
  • Certification authority (CA) binds public key to
    particular entity.
  • Entity (person, router, etc.) can register its
    public key with CA.
  • Entity provides proof of identity to CA.
  • CA creates certificate binding entity to public
    key.
  • Certificate digitally signed by CA.
  • When Alice wants Bob's public key
  • gets Bob's certificate (from Bob or elsewhere).
  • Apply CA's public key to Bob's certificate, get
    Bob's public key

55
Certification Authorities
International Telecommunication Union (ITU)
IETF set standards for CAs
  • Take a look at the CA in the browser...

56
END OF SESSION
57
Secure e-mail
Desirable Security Features
  • Confidentiality
  • Sender authentication
  • I dont love you anymore. I never want to see
    you again. Formerly yours, Alice
  • Message Integrity
  • Receiver Authentication
  • Tools
  • symmetric key public key cryptography
  • Authentication
  • Key Distribution
  • Message Integrity
  • Digital Signatures

Lets see stepwise evolution of a design of a
Secure E-mail
Next
58
Secure e-mail
SE v1
Confidentiality
  • Alice wants to send secret e-mail message, m, to
    Bob.
  • generates random symmetric private key, KS.
  • encrypts message with KS
  • also encrypts KS with Bob's public key.
  • sends both KS(m) and eB(KS) to Bob.

Tools Symmetric Session key Public key
cryptography
59
Secure e-mail (continued)
SE v2
X
Confidentiality Authentication Message
Integrity
  • Alice wants to provide sender authentication
    message integrity.
  • Alice digitally signs message.
  • sends both message (in the clear) and digital
    signature.

Tools Hash Function Digital Signature
60
Secure e-mail (continued)
SE v3
Confidentiality Authentication Message
Integrity
  • Alice wants to provide secrecy, sender
    authentication, message integrity.

Confidentiality measures
Authentication Message Integrity
Note Alice uses both her private key, Bob's
public key.
61
Pretty good privacy (PGP)
KA-(H(m))
  • Internet e-mail encryption scheme, a de-facto
    standard.
  • Uses symmetric key cryptography, public key
    cryptography, hash function, and digital
    signature as described.
  • Provides secrecy, sender authentication,
    integrity.
  • Inventor, Phil Zimmerman, was target of 3-year
    federal investigation.

A PGP signed message
  • ---BEGIN PGP SIGNED MESSAGE---
  • Hash SHA1
  • Bob(secret message)
  • ---BEGIN PGP SIGNATURE---
  • Version PGP 5.0
  • Charset noconv
  • yhHJRHhGJGhgg/12EpJlo8gE4vB3mqJhFEvZP9t6n7G6m5Gw2
  • ---END PGP SIGNATURE---

Cryptography programs are considered munitions
under US federal law and are not allowed to be
exported
62
PGP
TOOLS
  • Design

Similar to SEv3 diagram discussed
  • Creation of Message Digest

MD5, SHA
  • Symmetric Key Encyption

CAST, triple-DES, IDEA
  • Public Key Encyption

RSA
  • Compression

63
Pretty good privacy (PGP)
  • Freely available on http//web.mit.edu/network/pgp
    .html
  • Look also www.pgp.com
  • Zimmermann has received technical awards
  • 2001 he was inducted into the CRN Industry Hall
    of Fame
  • 2000 InfoWorld named him one of the Top 10
    Innovators in E-Business
  • 1999 Louis Brandeis Award from Privacy
    International
  • 1998 Lifetime Achievement Award from Secure
    Computing Magazine
  • 1996 the Norbert Wiener Award from Computer
    Professionals for promoting the responsible use
    of technology.

64
Internet Commerce Scenario
Purchasing a product from a website
Use Internet commerce using SSL protocol in
combating these problems
Alice Incorporated Site
Information
Product, Quantity Address Payment card
number password
submit
  • Intercept order, obtain Bobs card information,
    then make purchases using Bobs card or
  • Trudy could be masquerading as Alice Incorporated

65
Secure sockets layer (SSL)
sits between Application Layer and TCP
  • Server authentication
  • SSL-enabled browser includes public keys for
    trusted CAs.
  • Browser requests server certificate, issued by
    trusted CA.
  • Browser uses CA's public key to extract server's
    public key from certificate.
  • Visit your browser's security menu to see its
    trusted CAs.
  • Originally developed by Netscape
  • SSL security services
  • server authentication
  • data encryption
  • client authentication (optional)
  • SSL works at transport layer. Provides security
    to any TCP-based app using SSL services.
  • SSL used between WWW browsers, servers for
    Internet-commerce (https).

66
Secure Sockets Layer (SSL)
Originally developed by Netscape
  • Data encryption

Can be viewed as a layer bet. App. Layer
Transport Layer
  • Authentication bet. Web client Web server

Web Client (browser)
SSL-enabled Web Server
1. Handshake Phase
  • negotiates encryption algorithm
  • Authenticates server to client (or, vice-versa)

2. Data Transmission Phase
  • Encryption of data using Session keys generated
    during handshake phase

67
Secure Sockets Layer (SSL)
HIGH-LEVEL VIEW OF HANDSHAKE PHASE OF SSL
Bob browses Alices secure page
Alice sends Bob her certificate
Bob extracts Alices public key
Bob generates a random symmetric key and
encrypts it using Alices public key
Alice extracts the symmetric key
68
Secure Sockets Layer (SSL)
FEATURES
  • SSL SERVER AUTHENTICATION
  • Allows the browser to authenticate the server
  • before the user submits important information

List of trusted CAs Public keys
  • Client obtains certificate from server, then
  • checks certificate with clients list of trusted
    CAs.
  • If found on list, client validates certificates
    integrity and
  • extracts servers public key
  • SSL CLIENT AUTHENTICATION (Optional)
  • ENCRYPTED SSL SESSION
  • encryption/decryption of all information between
    browser server
  • information tampering detection

69
SSL (continued)
ENCRYPTED SSL SESSION
  • SSL basis of IETF Transport Layer Security
    (TLS).
  • SSL can be used for non-Web applications, e.g.,
    IMAP.
  • Client authentication can be done with client
    certificates.
  • Browser generates symmetric session key, encrypts
    it with servers public key, sends encrypted key
    to server.
  • Using its private key, server decrypts session
    key.
  • Browser, server agree that future msgs will be
    encrypted.
  • All data sent into TCP socket (by client or
    server) encrypted with session key.

70
Secure Sockets Layer (SSL)
LIMITATIONS
  • Provides a popular platform (for servers and
    browsers) for card payment transactions
  • Generic secure communication bet. server client
  • signed certificate guarantees bona fide
    company
  • certificate does not indicate if company is
    authorized to accept
  • card payments nor if its a reliable merchant
  • Company has no assurance if card is not stolen

71
(No Transcript)
72
(No Transcript)
73
(No Transcript)
74
Secure electronic transactions (SET)
  • designed for payment-card transactions over
    Internet.
  • provides security services among 3 players
  • customer
  • merchant
  • Merchant's bank
  • All must have certificates.
  • SET specifies legal meanings of certificates.
  • apportionment of liabilities for transactions
  • Customer's card number passed to merchant's bank
    without merchant ever seeing number in plain
    text.
  • Prevents merchants from stealing, leaking payment
    card numbers.
  • Three software components
  • Browser wallet
  • Merchant server
  • Acquisition gateway

75
SSH (Secure Shell)
an example of secure connection
  • Telnet or rsh are not secure
  • They transmit login/passwords over the network
  • SSH is safer because it encrypts the
    login/password
  • Authenticates the hosts
  • Keeps keys on the user's local directory
  • Example of know_hosts file
  • hostname1,130.113.118.147 ssh-rsa
    AAAAB3NzaC1yc2EAAAABIwAAAIEAsmnfyxDMN7o1UrXuvjchDD
    FGRVdwRLVC/pVoXvrVl5Byxp/GQSdWJeYzMyEyKaNQIgFpiB
    Gqnsgfk8uQJCzyJnB3nkYSAhVlz2emjuC6kuJ8yFgoIxON4v9N
    VEeSgSEIua6aVBi4a4tfy2sSj15aYzWPSOmJoGhnt6lEaDY0

76
END OF SESSION
77
Ipsec Network Layer Security
Blanket coverage for all Internet traffic (RFC
2401, 2411)
Advantages
Necessary Precursor
  • Network-layer secrecy
  • sending host encrypts the data in IP datagram
  • TCP and UDP segments ICMP and SNMP messages.
  • Network-layer authentication
  • destination host can authenticate source IP
    address
  • Two principal protocols
  • authentication header (AH) protocol
  • encapsulation security payload (ESP) protocol
  • For both AH and ESP, source, destination
    handshake
  • create network-layer logical channel called
    service association (SA)
  • Each SA unidirectional.
  • Uniquely determined by
  • security protocol (AH or ESP)
  • source IP address
  • 32-bit connection ID

78
Authentication Header (AH) Protocol
  • AH header includes
  • connection identifier
  • authentication data signed message digest,
    calculated over original IP datagram, providing
    source authentication, data integrity.
  • Next header field specifies type of data (TCP,
    UDP, ICMP, etc.)
  • Provides source host authentication, data
    integrity, but not secrecy.
  • AH header inserted between IP header and IP data
    field.
  • Protocol field 51.
  • Intermediate routers process datagrams as usual.

79
Encapsulation Security Payload (ESP) Protocol
  • Provides secrecy, host authentication, data
    integrity.
  • Data, ESP trailer encrypted.
  • Next header field is in ESP trailer.
  • ESP authentication field is similar to AH
    authentication field.
  • Protocol 50.

80
Firewall
Uses a combination of hardware and software
components
  • isolates organization's internal net from larger
    Internet, allowing some packets to pass, blocking
    others.

gateway-to-remote host telnet session
X
application gateway
router and filter
81
Firewall
  • Two firewall types
  • packet filter
  • application gateways

82
PACKET FILTERING
  • Operates at the Network Layer
  • The Internet access relies on a particular Router
  • The router can filter packets based on
  • IP addresses
  • Domain names
  • Port numbers
  • Protocol types
  • SYN and ACK bits on a TCP packet
  • Coarse-grain filtering on IP and TCP/UDP headers
  • Operates by sequentially checking filtering rules
    against the datagram being inspected the first
    rule matching the datagram determines the action
    taken

83
PACKET FILTERING
  • Alice administers a company network 222.22.0.0/16
    and, in general, wants to disallow access to her
    network from the public internet (R3). However,
    Alice collaborates with Bob and his colleagues
    who are at network 111.11/16. Alice wants to let
    users from Bobs network access a specific
    subnet, 222.22.22/24 within her companys network
    (R1). The problem is that Trudy belongs to Bobs
    network, with subnet 111.11.11/24. Therefore,
    Alice doesnt want any traffic from 11.11.11/24
    entering anywhere into her network (R2).
  • Packet filtering rules (ordering of evaluation is
    important!)

84
PACKET FILTERING
  • Specifying filtering rules

85
PACKET FILTERING
  • Operates at the Network Layer
  • Applying more specific rules first does not avoid
    unanticipated or unwanted behaviour arising from
    ordering issues

86
PACKET FILTERING
  • Example 3 block 'ping'
  • In order to avoid external users to find suitable
    IP addresses to attack.
  • Example 4
  • Block domain names that are known to be dangerous
    to users or inadequate for the scope of the
    institution.
  • Example 1 block incoming and outgoing datagrams
    with IP protocol field 17 and with either
    source or dest port 23.
  • All incoming and outgoing UDP flows and telnet
    connections are blocked.
  • Example 2 Block inbound TCP segments with ACK0.
  • Prevents external clients from making TCP
    connections with internal clients, but allows
    internal clients to connect to outside.

87
APPLICATION GATEWAYS
  • Application specific server through which all
    application data must pass

Packet Filter Application Gateway
e.g. Force all outbound Telnet connections to
pass through the application gateway
Each Gateway separate server processes
  • Make policy decisions based on application data
  • Multiple application gateways on the same host

e.g. Telnet, HTTP, FTP, mail server, Web
Cache
88
APPLICATION GATEWAYS
  • Filters packets on application data as well as on
    IP/TCP/UDP fields.
  • Example Allow only selected internal users to
    telnet outside.

89
Limitations of firewalls and gateways
  • IP spoofing router can't know if data really
    comes from claimed source
  • Multiple applications need special treatment
    each with its own gateway.
  • Client software must know how to contact gateway.
  • e.g., must set IP address of proxy in Web browser
  • Filters often use all or nothing policy for UDP.
  • Trade off degree of communication with outside
    world, level of security
  • Many highly protected sites still suffer from
    attacks.
  • Does not protect against the enemy from within.

90
Network Security (summary)
  • Basic techniques...
  • cryptography (symmetric and public)
  • authentication
  • message integrity
  • . used in many different security scenarios
  • secure email
  • secure transport (SSL)
  • IP sec
Write a Comment
User Comments (0)
About PowerShow.com