DSI IP Telecom Security

About This Presentation

Title:

DSI IP Telecom Security

Description:

Hacking root in UNIX. Super accounts in Windows (administrator) and NetWare (supervisor) ... Password cracking program. Run on a server (need physical access) ... – PowerPoint PPT presentation

Number of Views:228

Avg rating:3.0/5.0

Slides: 237

Provided by: peter118

Category:

more less

Transcript and Presenter's Notes

Title: DSI IP Telecom Security

1
(No Transcript)
2
IP Cyber Security Unit 4 Access Control
3
UNIT 4
Content

Access and Authentication Technology

Authentication methods PPP, PAP, CHAP, EAP

AAA, RADIUS, TACACS, TACACS, Kerberos

Authentication Header (AH)

Encapsulating Security Payload (ESP)

Virtual Private Networks (VPN) VPN Architectures

Authentication On Wireless LANs

4
Access Control Processes
5
Access Control (AC)

Access control is the heart of security
Definitions
The ability to allow only authorized users,
programs or processes system or resource access
The granting or denying, according to a
particular security model, of certain permissions
to access a resource
An entire set of procedures performed by
hardware, software and administrators, to monitor
access, identify users requesting access, record
access attempts, and grant or deny access based
on preestablished rules.

6
Access Control

Access Control
Access control is the policy-driven limitation of
access to systems, data, and dialogs
Prevent attackers from gaining access, stopping
them if they do

7
Access Control

What Access Permissions (Authorizations) Should
They Have?
Access permissions (authorizations) define
whether a role or individual should have any
access at all
If so, exactly what the role or individual should
be allowed to do to the resource.
Usually given as a list of permissions for users
to be able to do things (read, change, execute
program, etc.) for each resource

8
Access Control

How Should Access Control Be Implemented?
For each resource, need an access protection plan
for how to implement protection in keeping with
the selected control policy
For a file on a server, for instance, limit
authorizations to a small group, harden the
server against attack, use a firewall to thwart
external attackers, etc.

9
Access Control

Policy-Based Access Control and Protection
Have a specific access control policy and an
access protection policy for each resource
Focuses attention on each resource
Guides the selection and configuration of
firewalls and other protections
Guides the periodic auditing and testing of
protection plans

10
Access control lists (ACL)

A file used by the access control system to
determine who may access what programs and files,
in what method and at what time
Different operating systems have different ACL
terms
Types of access (locks)
Read/Write/Create/Execute/Modify/Delete/Rename

11
AC is implemented for all IS components including

Hardware
Software
Application
Protocol (Kerberos, IPSec)
Physical
Logical (policies)

12
AC protect all IS components including

Data Unauthorized viewing, modification or
copying
System Unauthorized use, modification or denial
of service
It should be noted that nearly every network
operating system (NT, Unix, Vines, NetWare) is
based on a secure physical infrastructure

13
Access Control

First Steps
Enumeration of Resources
Sensitivity of Each Resource
Next, who Should Have Access?
Can be made individual by individual
More efficient to define by roles (logged-in
users, system administrators, project team
members, etc.)

14
Access Control

What Access Permissions (Authorizations) Should
They Have (Keys)?
Access permissions (authorizations) define
whether a role or individual should have any
access at all
If so, exactly what the role or individual should
be allowed to do to the resource.
Usually given as a list of permissions for users
to be able to do things (read, change, execute
program, etc.) for each resource

15
Access Control

How Should Access Control Be Implemented?
For each resource, need an access protection plan
for how to implement protection in keeping with
the selected control policy
For a file on a server, for instance, limit
authorizations to a small group, harden the
server against attack, use a firewall to thwart
external attackers, etc.

16
Access Control

Policy-Based Access Control and Protection
Have a specific access control policy and an
access protection policy for each resource
Focuses attention on each resource
Guides the selection and configuration of
firewalls and other protections
Guides the periodic auditing and testing of
protection plans

17
Access Control

Is the ability to limit and control the access
to
the systems and application.

Tools

Physical access control

Finger Prints.
Eyes Recognition.

Voice Identification.
Smart Card.

Logical access control

Password.

Firewalls.

18
Access Control

Smart Cards

19
Access Control

Password

20
Personnel Identification and Authentication tools
21
Access Control

Finger Prints.

Token Ring

22
Password Hashing (or Encryption)
2. Hash My4Bad 11110000
1. User Aly Password My4Bad
3. Hashes Match
Client PC User Ali
Hashed Password File Ahmed 11001100 Ali 11110000 M
ohmd 00110011 Samir 11100010
4. Hashes Match, So User is Authenticated
23
One way Hash Function
24
Authentication

Steps
The user sends a request to the server seeking
for permission to enter the secured website
The server asks for his username and password to
check if that person is who he is declared to be
The user then signs in and sends the request back
to the server
Server will verify his identity and check if he
is an authorized user .
After confirming his identity, the server would
send back an approval or a denial of access to
the website..

25
Authentication Forms
1. What a client knows 2. What a client
has 3. Who a client is 4. What a client
produces
26
AUTHENTICATION METHODS

What a client knows This form of authentication
deals with what the client knows. For example
passwords and user IDs.
What a client has The second form of
authentication deals with something that the
client possesses. Such things include tokens and
smart cards. Smart cards are cards that contain a
computer chip to verify the user's identity.
Tokens, on the other hand, are cards equipped
with a computer chip and a liquid crystal display
showing a computer-generated number sequence for
remote login authentication
What a client is The third form of
authentication is related to the characteristics
of the supplicant. Such characteristics are
fingerprint, iris pattern, hand geometry and
retinal print. Because these characteristics are
unique to every individual supplicant, it can be
used by systems to authenticate its users
What a client produces The final form of
authentication that we are covering addresses
what the client produces. Such examples are
technologies on signature or voice recognition,
e.g. credit card payment system.

27
Biometric Authentication
28
Biometric Authentication

Biometric Authentication
Authentication based on body measurements and
motions
Because you always bring your body with you
Biometric Systems
Enrollment
Later access attempts
Acceptance or rejection

29
Biometric Authentication System
1. Initial Enrollment
User Lee Scanning
User Lee Template (01101001)
Processing (Key Feature Extraction) A01, B101,
C001
Template Database Brown 10010010 Lee
01101001 Chun 00111011 Hirota 1101110

3. Match Index Decision Criterion (Close Enough?)
2. Subsequent Access
Applicant Scanning
User Access Data (01111001)
Processing (Key Feature Extraction) A01, B111,
C001
30
Biometric Authentication

Verification Versus Identification
Verification Are applicants who they claim to
be? (compare with single template)
Identification Who is the applicant? (compare
with all templates)
More difficult than verification because must
compare to many templates
Watch list is this person a member of a specific
group (e.g., known terrorists)
Intermediate in difficulty

31
Biometric Authentication

Verification Versus Identification
Verification is good for replacing passwords in
logins
Identification is good for door access and other
situations where entering a name would be
difficult

32
Biometric Authentication

Precision
False acceptance rates (FARs) Percentage of
unauthorized people allowed in
Person falsely accepted as member of a group
Person allowed through a door who should be
allowed through it
Very bad for security

33
Biometric Authentication

Precision
False rejection rates (FRRs) Percentage of
authorized people not recognized as being members
of the group
Valid person denied door access or server login
because not recognized
Can be reduced by allowing multiple access
attempts
High FRRs will harm user acceptance because users
are angered by being falsely forbidden

34
Biometric Authentication

Precision
Vendor claims for FARs and FRRs tend to be
exaggerated because they often perform tests
under ideal circumstances
For instance, having only small numbers of users
in the database
For instance, by using perfect lighting,
extremely clean readers, and other conditions
rarely seen in the real world

35
Biometric Authentication

User Acceptance is Crucial
Strong user resistance can kill a system
Fingerprint recognition may have a criminal
connotation
Some methods are difficult to use, such as iris
recognition, which requires the eye to be lined
up carefully.
These require a disciplined group

36
Biometric Authentication

Biometric Methods
Fingerprint recognition
Dominates the biometric market today
Based on a fingers distinctive pattern of
whorls, arches, and loops
Simple, inexpensive, well-proven
Weak security can be defeated fairly easily with
copies
Useful in modest-security areas

37
Biometric Authentication

Biometric Methods
Iris recognition
Pattern in colored part of eye
Very low FARs
High FRR if eye is not lined up correctly can
harm acceptance
Reader is a cameradoes not send light into the
eye!

38
Biometric Authentication

Biometric Methods
Face recognition
Can be put in public places for surreptitious
identification (identification without citizen
or employee knowledge). More later.
Hand geometry shape of hand
Voice recognition
High error rates
Easy to fool with recordings

39
Biometric Authentication

Biometric Methods
Keystroke recognition
Rhythm of typing
Normally restricted to passwords
Ongoing during session could allow continuous
authentication
Signature recognition
Pattern and writing dynamics

40
Biometric Authentication

Biometric Standards
Almost no standardization
Worst for user data (fingerprint feature
databases)
Get locked into single vendors

41
Biometric Authentication

Can Biometrics be Fooled?
Airport face recognition
Identification of people passing in front of a
camera
False rejection rate rate of not identifying
person as being in the database
Fail to recognize a criminal, terrorist, etc.
FRRs are bad

42
Biometric Authentication

Can Biometrics be Fooled?
Airport face recognition
4-week trial of face recognition at Palm Beach
International Airport
Only 250 volunteers in the user database
(unrealistically small)
Volunteers were scanned 958 times during the
trial
Only recognized 455 times! (47)
53 FRR

43
Biometric Authentication

Can Biometrics be Fooled?
Airport face recognition
Recognition rate fell if wore glasses (especially
tinted), looked away
Would be worse with larger database
Would be worse if photographs were not good

44
Biometric Authentication

Can Biometrics be Fooled?
DOD Tests indicate poor acceptance rates when
subjects were not attempting to evade
270-person test
Face recognition recognized person only 51
percent of time
Even iris recognition only recognized the person
94 percent of the time!

45
Biometrics Authentication

Can Biometrics be Fooled?
Other research has shown that evasion is often
successful for some methods
German ct magazine fooled most face and
fingerprint recognition systems
Prof. Matsumoto fooled fingerprint scanners 80
percent of the time with a gelatin finger created
from a latent (invisible to the naked eye) print
on a drinking glass

46
Password-Based Access Control
47
Server Password Cracking

Reusable Passwords
A password you use repeatedly to get access to a
resource on multiple occasions
Bad because attacker will have time to learn it
then can use it
Difficulty of Cracking Passwords by Guessing
Remotely
Usually cut off after a few attempts
However, if can steal the password file, can
crack passwords at leisure

48
Server Password Cracking

Hacking Root
Super accounts (can take any action in any
directory)
Hacking root in UNIX
Super accounts in Windows (administrator) and
NetWare (supervisor)
Hacking root is rare usually can only hack an
ordinary user account
May be able to elevate the privileges of the user
account to take root action

49
Server Password Cracking

Physical Access Password Cracking
l0phtcrack
Lower-case L, zero, phtcrack
Password cracking program
Run on a server (need physical access)
Or copy password file and run l0phtcrack on
another machine.

50
Server Password Cracking

Physical Access Password Cracking
Brute-force password guessing
Try all possible character combinations
Longer passwords take longer to crack
Using more characters also takes longer
Alphabetic, no case (26 possibilities)
Alphabetic, case (52)
Alphanumeric (letters and numbers) (62)
All keyboard characters (80)

51
Password Length
Password Length In Characters
Alphanumeric Letters Digits (N62)
All Keyboard Characters (N80)
Alphabetic, Case (N52)
Alphabetic, No Case (N26)
1
62
80
52
26
2 (N2)
3,844
6,400
2,704
676
4 (N4)
14,776,336
40,960,000
7,311,616
456,976
6
56,800,235,584
2.62144E11
19,770,609,664
308,915,776
8
2.1834E14
1.67772E15
5.34597E13
2.08827E11
10
8.39299E17
1.07374E19
1.44555E17
1.41167E14
52
Server Password Cracking

Physical Access Password Cracking
Brute Force Attacks
Try all possible character combinations
Slow with long passwords length
Dictionary attacks
Try common words (password, ouch, etc.)
There are only a few thousand of these
Cracked very rapidly
Hybrid attacks
Common word with single digit at end, etc.

53
Server Password Cracking

Password Policies
Good passwords
At least 6 characters long
Change of case not at beginning
Digit (0 through 9) not at end
Other keyboard character not at end
Example triV6ial

54
Server Password Cracking

Password Policies
Testing and enforcing password policies
Run password cracking program against own servers
Caution requires approval! SysAdmins have been
fired for doing this without permissionand
should be
Password duration policies How often passwords
must be changed

55
Server Password Cracking

Password Policies
Password sharing policies Generally, forbid
shared passwords
Removes ability to learn who took actions loses
accountability
Usually is not changed often or at all because of
need to inform all sharers

56
Server Password Cracking

Password Policies
Disabling passwords that are no longer valid
As soon as an employee leaves the firm, etc.
As soon as contractors, consultants leave
In many firms, a large percentage of all accounts
are for people no longer with the firm

57
Server Password Cracking

Password Policies
Lost passwords
Password resets Help desk gives new password for
the account
Opportunities for social engineering attacks
Leave changed password on answering machine
Biometrics voice print identification for
requestor (but considerable false rejection rate)

58
Server Password Cracking

Password Policies
Lost passwords
Automated password resets
Employee goes to website
Must answer a question, such as In what city
were you born?
Problem of easily-guessed questions that can be
answered with research

59
Server Password Cracking

Password Policies
Encrypted (hashed) password files
Passwords not stored in readable form
Encrypted with DES or hashed with MD5
In UNIX, etc/passwd puts x in place of password
Encrypted or hashed passwords are stored in a
different (shadow) file to which only high-level
accounts have access

60
Server Password Cracking

Password Policies
Windows passwords
Obsolete LAN manager passwords (7 characters
maximum) should not be used
Windows NTLM passwords are better
Option (not default) to enforce strong passwords

61
Server Password Cracking

Shoulder Surfing
Watch someone as they type their password
Keystroke Capture Software
Professional versions of windows protect RAM
during password typing
Consumer versions do not
Trojan horse throws up a login screen later,
reports its finding to attackers

62
Server Password Cracking

Windows Client PC Software
Consumer version login screen is not for security
Windows professional and server versions provide
good security with the login password
BIOS passwords allow boot-up security
Can be disabled by removing the PCs battery
But during a battery removal, the attacker will
be very visible
Screen savers with passwords allow away-from-desk
security after boot-up

63
UNIT 4
Content

Access and Authentication Technology

Authentication methods PPP, PAP, CHAP, EAP

AAA, RADIUS, TACACS, TACACS, Kerberos

Authentication Header (AH)

Encapsulating Security Payload (ESP)

Virtual Private Networks (VPN) VPN Architectures

Authentication On Wireless LANs

64
AUTHENTICATION METHODS

Authentication and authorization technologies
(e.g., userID and password with PAP Password
Authentication Protocol and CHAP Challenge
Handshake Authentication Protocol, Kerberos,
etc.)
Token cards
PPP Extensible Authentication Protocol (EAP)
Microsoft Point-to-Point Encryption (MPPE)
Key-management protocols, e.g., Internet Security
Association and Key Management Protocol (ISAKMP),
Internet Key Exchange (IKE), etc.
Digital certificates
Digital signatures
Message authentication codes (MACs)
Wireless Encryption Technologies (e.g., WEP,
802.11i)

65
AUTHENTICATION METHODS

A number of other userID and password
authentication technologies with improved
security have also been designed, primarily to be
employed during a user log-in process.
A good example is Password Challenge Handshake
Authentication Protocol (CHAP). In a network
environment, because the log-in process first
authenticates the user and then establishes a
session (a logical connection) for the user if
the user is indeed authorized

66
PPP Authentication
No Authentication Is an Option
Server
Client

To establish communications over a point-to-point
link, each end of the PPP link must first send
link configuration packets to configure the data
link during the Link Establishment Phase.
After the link has been established, PPP provides
for an optional Authentication Phase before
proceeding to the Network-Layer Protocol Phase.
The authentication protocols are intended for use
by hosts and routers that connect to a PPP
network server via switched circuits, dial-up
lines, or dedicated links.

67
PAP Password Authentication Protocol

PAP is a simple proprietary userID and password
authentication protocol.
With PAP, the password is sent across the network
to be compared against an encrypted password file
on the access server. If the password matches the
associated userID, the connection is established.
Because the password can potentially be
intercepted by a hacker, PAP is not considered to
be secure.

68
PPP Authentication
PAP Authentication
Authentication-Request Messages (Send Until
Response)
Authentication-Response Message
Server
Client
Poor Security Usernames and Passwords Are Sent
in the Clear
69
Password Challenge Handshake Authentication
Protocol (CHAP)

CHAP addresses the PAP deficiencies by having a
server send a randomly generated challenge to
the client along with the hostname.
The hostname is used by the client to look up the
appropriate password, which is then combined with
the challenge and encrypted using a one-way
hashing function to produce a result that is then
sent to the server along with the client userID.
The server performs the same computation using
the password and compares the result with the
result that has been sent back by the client.
If there is a match, the connection will be
established. Because the challenge is different
in every session, a hacker cannot replay the
sequence.
The specific method to be used can be negotiated
by a client when connecting to an RAS.
CHAP allows different types of encryption
algorithms to be used. Most commercial RASs
support Data Encryption Standard (DES) and
Message Digest 5 (MD5).

70
(No Transcript)
71
MS-CHAP Challenge-Response Authentication Protocol
Note Both the client and the server know the
clients password.
1. Verifier creates Challenge Message
Challenge
2. Verifier sends Challenge Message
72
MS-CHAP Challenge-Response Authentication Protocol

3.
Applicant (Supplicant)creates a Response
Message
Adds password toChallenge Message
(b) Hashes the resultant bitstring (does not
encrypt)
(c) The hash is theResponse Message

Challenge
Password
Hashing (Not Encryption)
Response
73
MS-CHAP Challenge-Response Authentication Protocol
4. Applicant sends Response Message without
encryption
Transmitted Response
74
MS-CHAP Challenge-Response Authentication Protocol
5. Verifier adds password to theChallenge
Message it sent. Hashes the combination.This is
the expectedResponse Message.
Challenge
Password
Hashing
Expected Response
75
MS-CHAP Challenge-Response Authentication Protocol
Expected Response
Transmitted Response
?
6. If the two Response Messages are equal,
the applicant knows the password and is
authenticated. Sever logs Client in.
7. Note that only hashing is involved. There is
no encryption.
76
PPP Authentication
CHAP Authentication
Challenge Message
Response Message Hash (Challenge Message Secret)
Server
Client
Server computes hash of challenge message plus
secret If equals the response message,
authentication is successful
77
PPP Authentication
MS-CHAP Authentication
Challenge Message
Response Message Hash (Challenge Message
Password)
Server
Client
CHAP, but with password as the secret. Widely
used because allows password authentication Standa
rd on Microsoft Windows client Only as secure as
password strength
78
PPP Extensible Authentication Protocol (EAP)

EAP is a general protocol for PPP authentication
that supports multiple authentication mechanisms.
EAP does not select a specific authentication
mechanism at Link Control Phase, but rather
postpones this until the Authentication Phase.
This allows the authenticator to request more
information before determining the specific
authentication mechanism. This also permits the
use of a back-end server that actually implements
the various mechanisms, whereas the PPP
authenticator merely passes through the
authentication exchange.
The following are the basic steps involved in the
EAP authentication process
After the Link Establishment phase is complete,
the authenticator sends one or more Requests to
authenticate the peer. The Request has a type
field to indicate what is being requested.
Examples of Request types include Identity,
MD5-challenge, One-Time Passwords, Generic Token
Card, etc. The MD5-challenge type corresponds
closely to the CHAP authentication protocol.
Typically, the authenticator will send an initial
Identity Request followed by one or more Requests
for authentication information. An initial
Identity Request is not required, and may be
bypassed in cases where the identity is presumed
(leased lines, dedicated dial-ups, etc.).
The peer sends a Response packet in reply to each
Request. As with the Request packet, the Response
packet contains a type field that corresponds to
the type field of the Request.
The authenticator ends the authentication phase
with a Success or Failure packet.

79
PPP Authentication
EAP Authentication
Authenticate
Defer authentication Will provide more
information
Server
Client
EAP defers authentication to a later process Such
as RADIUS authentication
80
PPP Encryption
New PPP Header. Plaintext.
Original PPP Frame. Encrypted.
New PPP Trailer. Plaintext.
PPP with EAP Encryption
New PPP Header. Plaintext.
EAP header
New PPP Trailer. Plaintext.
Code
Identifier
Length
81
PPP on Direct Links and Internets
PPP Frame
Connection over Direct Link
PPP Provides End-to-End Link
Applicant (Client)
Verifier (Server)
82
PPP on Direct Links and Internets
PPP Frame in IP Packet
Connection over Internet
PPP Limited to First Data Link (Network)
Router
Router
Applicant (Client)
Verifier (Server)
83
PPP on Direct Links and Internets

Note
Tunneling Places the PPP Frame in an IP Packet,
Which Delivers the Frame.
To the Receiver, Appears to be a Direct Link.
Allows organization to continue using existing
PPP-based security such as encryption and
authentication

84
Layer 2 Tunneling Protocol (L2TP)
DSL Access Multiplexer (DSLAM) with L2TP
Client Running PPP
Internal Server
L2TP RAS
DSL
L2TP Tunnel
Local Network
Carrier Network
Note L2TP does not provide security. It
provides only tunneling. L2TP recommends the use
of IPsec for security.
85
UNIT 4
Content

Access and Authentication Technology

Authentication methods PPP, PAP, CHAP, EAP

AAA, RADIUS, TACACS, TACACS, Kerberos

Authentication Header (AH)

Encapsulating Security Payload (ESP)

Virtual Private Networks (VPN) VPN Architectures

Authentication On Wireless LANs

86
Point-to-Point Tunneling Protocol (PPP)
RADIUS Server
IP Protocol 47 (GRE) Data Connection
Local ISP Access (Not Secure)
Internet
Remote Corporate PC
RADIUS Server
PPTP RAS
ISP PPTP Access Concentrator
TCP Port 1723 Supervisory Connection (Vulnerable)
Corporate Site A
87
Point-to-Point Tunneling Protocol (PPP)
Direct connection between PC And RADIUS Server
IP Protocol 47 (GRE) Data Connection
Internet
Remote Corporate PC
RADIUS Server
PPTP RAS
TCP Port 1723 Supervisory Connection (Vulnerable)
Corporate Site A
88
PPTP Encapsulation for Data Frames
Enhanced General Routing Encapsulation (GRE)
Header Information About Encapsulated Packet
New IP Header Protocol47 IP Destination Address
Is That of Remote Access Server
Encapsulated Original IP Packet
89
RADIUS for Dial-Up Remote Access
Remote Corporate PC
1. Login Username And Password
2. OK?
Dial-Up Connection
RADIUS Server
RAS 1
Remote Corporate PC
Public Switched Telephone Network
Corporate Site A
Dial-Up Connection
RAS 2
90
RADIUS for Dial-Up Remote Access
Remote Corporate PC
Dial-Up Connection
3. OK
4. Welcome
RADIUS Server
RAS 1
Remote Corporate PC
Public Switched Telephone Network
Corporate Site A
Dial-Up Connection
RAS 2
91
Kerberos Authentication System
Kerberos Server Key Distribution Center (K)
Abbreviations A Applicant V Verifier K
Kerberos Server
Verifier (V)
Applicant (A)
92
Kerberos Authentication System
Kerberos Server Key Distribution Center (K)
TGT (Ticket-Granting Ticket) is encrypted in
a way that only K can decrypt.
Contains information that K will read later.
1. Request for Ticket-Granting Ticket
Key nA (Network Login Key for A) is encrypted
with As Master Key (Key mA). In future
interactions with K, A will use nA to limit the
master keys exposure.
2. Response TGT, Key nA
Verifier (V)
Applicant (A)
93
Kerberos Ticket-Granting Service Part 1
Authenticator is As IP address, user name, and
time stamp. This authenticator is encrypted with
Key nA to prove that A sent it.
Kerberos Server Key Distribution Center (K)
1. Request Ticket for V TGT Authenticator encr
ypted with Key nA
Key AV is a symmetric session key that A will
use with V.
2. Response Key AV encrypted with Key
nA Service Ticket
Verifier (V)
Applicant (A)
94
Kerberos Ticket-Granting Service Part 2
Authenticator (Auth) encrypted with Key
AV. Service Ticket contains Key AV encrypted
with the Verifiers master key, Key mV.
Kerberos Server Key Distribution Center (K)
3. Request for Connection Auth Service Ticket
5. Ongoing Communication with Key AV
4. V decrypts Service Ticket Uses Key AV to test
Auth
95
KERBEROS AUTHENTICATION ALGORITHM

Kerberos uses a conventional symmetric
cryptography, meaning the encryption and
decryption uses the same key for both processes.
It makes use of a third trusted party, which
stores a database of secret keys, and is called a
Key Distribution Centre (KDC).
It consists of an Authentication Server (AS) and
a Ticket Granting Server (TGS), to verify the
identity of the client.
There are 3 basic steps that are done in order to
authenticate using Kerberos

Step 1
The client sends a request to the authenticating
server (Kerberos).
The server then locates the client in the
database and generates a session key (SK1) to
start a session between the client and the
ticket-granting server.
Using the clients secret key, Kerberos will
encrypt the SK1, after which it will use the
secret key generated by the TGS to create a
ticket- granting ticket (TGT) and send it back to
the client.

Step 2
The client decrypts the message sent by the
authentication server and receives the session
key.
It then uses it to create an authenticator which
includes the users name, IP address and
timestamp, which disallows others to steal the
information from the ticket and the authenticator
for later use, and sends it to the TGS together
with the TGT it received.
The TGS uses the SK1 inside the TGT to decrypt
the authenticator and then verifies the
information it contains, including the ticket. If
all are correct, the request is granted.
The TGS then creates a new session key (SK2) to
start a session between the client and the target
server. Using SK1, it encrypts this message, and
sends it back to the client together with a new
ticket containing the clients name, IP address,
timestamp and an expiration time (all of which
encrypted with the target servers secret key),
as well as the name of the server.

Step 3
The client decrypts the message sent by the TGS
and receives the second session key.
It then creates a new authenticator encrypted
with SK2 and sends it to the target server,
together with the session key encrypted using the
target servers secret key.
The target server decrypts and checks all of the
information received.
Applications that require 2-way authentication
are returned a message with time stamp plus 1,
encrypted with SK2.

99
Finally, the clients identity has been verified
by the server, and now both are able to
communicate securely using a shared encryption
key.
100
Smart card authentication

Cryptographic key is stored on the smart card,
which is unlocked by the user using a special key
pair.
In order to authenticate the user, he places his
smart card into a special card reader attached to
the system he is trying to log in to.
The key from the smart card is being read by the
system.
The system asks the user for his password to
unlock the key.
After the user key in the password, the system
performs a cryptographic key exchange with the
central server for verification of the key. The
user is being authenticated when the key is
verified.

101
Sender Policy Framework (SPF)

The Sender Policy Framework (SPF) is an extension
to the Simple Mail Transfer Protocol (SMTP).
It is an e-mail authentication method that
prevents the forgery of the sender address
residing in the return-path of an e-mail.
Malicious spammers tend to disguise their
identity by making use of other e-mail addresses
to send spam e-mails. In this way, these spammers
could avoid being tracked down and get caught.
Secondly, they could avoid having their own
mailbox filled with undelivered bounce e-mails.
SPF helps to reduce such incidences of email
address and domain spoofing by ensuring that
e-mail receivers only receive e-mails from
senders that use a legitimate server of a
particular domain.

102
UNIT 4
Content

Access and Authentication Technology

Authentication methods PPP, PAP, CHAP, EAP

AAA, RADIUS, TACACS, TACACS, Kerberos

Authentication Header (AH)

Encapsulating Security Payload (ESP)

Virtual Private Networks (VPN) VPN Architectures

Authentication On Wireless LANs

103
Levels of Access Privilege

General users in an enterprise should be grouped
at a minimum into the following three privilege
levels
Employees as users with general access privileges
for free access around the network to default
network and systems resources
Partners as users with lower access privileges
for access to some limited, predetermined network
and systems resources
Outside users with authority to access very
limited systems resources (probably only some
pieces of data or applications) through some
proxy servers.
Additional special privilege levels are likely
needed, e.g., for administrators as users with
higher access privileges, which are required to
gain access to and to administer network and
systems components like servers, routers, etc.

104
IP-AUTHENTICATION MECHANISMS

Because IP is by definition a connectionless
transport technology utilizing datagram exchanges
over the network, special facilities are needed
to ensure user authentication for each of the IP
packets transmitted and received.
Two IP authentication mechanisms
Authentication Header AH which provides
integrity and authentication without
confidentiality.
Encapsulating Security Payload ESP which always
provides confidentiality and optionally also
provides integrity and authentication.
Both AH and ESP use an authentication algorithm
to generate authentication information known as
the Integrity Check Value (ICV), which is placed
in the authentication data field in the
corresponding header.

105
Authentication Header AH

AH defines an Authentication Header that contains
the authentication information for the particular
IP datagram and is used to provide connectionless
data integrity and source identity authentication
for IP datagrams and protection against replays.
This latter, optional service may be selected by
the receiver when a Security Association is
established. (Although the default calls for the
sender to increment the Sequence Number used for
anti-replay, the service is effective only if the
receiver checks the Sequence Number.)
AH provides authentication for as much of the IP
header as possible, as well as for upper-level
protocol data.
However, some IP header fields may change in
transit, and the value of these fields, when the
packet arrives at the receiver, may not be
predictable by the sender.
The values of such fields cannot be protected by
AH.
Thus, the protection provided to the IP header by
AH is somewhat piecemeal.

106
Authentication Header AH

AH may be applied alone, in combination with ESP,
or in a nested fashion through the use of a
tunnel mode.
Security services can be provided between a pair
of communicating hosts, between a pair of
communicating security gateways, or between a
security gateway and a host.
ESP may be used to provide similar security
services as AH, and it also provides an added
confidentiality (encryption) service.
The primary difference between the authentication
capabilities provided by ESP and AH is the extent
of the coverage offered by each. Specifically,
ESP does not protect any IP header fields unless
those with certain authenticating encryption
algorithms. Adding the AH header to an IP
datagram prior to encapsulating the datagram
using ESP might be desirable for users wishing to
have strong integrity, authentication, and
confidentiality, and perhaps also for users who
require strong non-repudiation.
When the two mechanisms are combined, the
placement of the IP AH makes clear which part of
the data is being authenticated.

107
Authentication Header AH
AH Header Format The IP protocol header (IPv4,
IPv6, or Extension) immediately preceding AH will
contain the value 51 in its Protocol (IPv4) or
Next Header (IPv6, Extension) field, where
108
AUTHENTICATION METHODS
109
UNIT 4
Content

Access and Authentication Technology

Authentication methods PPP, PAP, CHAP, EAP

AAA, RADIUS, TACACS, TACACS, Kerberos

Authentication Header (AH)

Encapsulating Security Payload (ESP)

Virtual Private Networks (VPN) VPN Architectures

Authentication On Wireless LANs

110
IPsec ESP and AH Protection
Encapsulating Security Payload
IP Header
ESP Header
Protected
ESP Trailer
Protocol 50
Protocol 51
IP Header
Authentication Header
Protected
Authentication Header
111
Modes and Protections
112
Digital Signature for Message-by-Message
Authentication
To Create the Digital Signature 1. Hash the
plaintext to create a brief message digest this
is NOT the Digital Signature. 2. Sign (encrypt)
the message digest with the senders private key
to create the digital signature. 3. Transmit the
plaintext digital signature, encrypted
with symmetric key encryption.
Plaintext
Hash
MD
Sign (Encrypt) with Senders Private Key
DS
113
Digital Signature for Message-by-Message
Authentication
4. Encrypted with Session Key
Sender
Receiver
114
Digital Signature for Message-by-Message
Authentication
To Test the Digital Signature 5. Hash the
received plaintext with the same hashing
algorithm the sender used. This gives the message
digest. 6. Decrypt the digital signature with
the senders public key. This also should give
the message digest. 7. If the two match,
the message is authenticated.
5.
6.
Received Plaintext
DS
Decrypt with True Partys Public Key
Hash
MD
MD
7. Are they equal?
115
Public Key Deception
Impostor I am the True Person. Here is TPs
public key. (Sends Impostors public key) Here
is authentication based on TPs private
key. (Really Impostors private key) Decryption
of message from Verifier encrypted with
Imposters public key, so Impostor can decrypt it
Verifier Must authenticate True
Person. Believes now has TPs public
key Believes True Person is authenticated based
on Impostors public key True Person, here is a
message encrypted with your public key.
Critical Deception
116
Important X.509 Digital Certificate Fields
Field
Description
Version Number
Version number of the X.509. Most certificates
follow Version 3. Different versions have
different fields. This figure reflects the
Version 3 standard.
Issuer
Name of the Certificate Authority (CA).
Serial Number
Unique serial number for the certificate, set by
the CA.
117
Important X.509 Digital Certificate Fields
Field
Description
Subject
The name of the person, organization, computer,
or program to which the certificate has been
issued. This is the true party.
Public Key
The public key of the subjectthe public key of
the true party.
Public Key Algorithm
The algorithm the subject uses to sign messages
with digital signatures.
118
Important X.509 Digital Certificate Fields
Field
Description
Valid Period
The period before which and after which the
certificate should not be used. Note Certificate
may be revoked before the end of this period.
Digital Signature
The digital signature of the certificate, signed
by the CA with the CAs own private
key. Provides authentication and certificate
integrity. User must know the CAs public key
independently.
119
Important X.509 Digital Certificate Fields
Field
Description
Signature Algorithm Identifier
The digital signature algorithm the CA uses to
sign its certificates.
120
Digital Signature and Digital Certificate in
Authentication
Digital Certificate
Digital Signature
Public Key of True Party
Signature to Be Tested with Public Key of True
Party
Authentication
121
Public Key Infrastructure (PKI) with a
Certificate Authority
Certificate Authority PKI Server
Verifier (Cheng)
6. Request Certificate Revocation List (CRL)
3. Request Certificate for Lee
7. Copy of CRL
5. Certificate for Lee
4. Certificate for Lee

Create
Distribute
Private Key
and
(2) Digital Certificate

Applicant (Lee)
Verifier (Brown)
122
Public Key Infrastructure (PKI)

Goals of PKI
Authenticate the user/system at the sending end
of a transaction
Authenticate the user/system at the receiving end
of a transaction
Non-repudiation
PKI components
Certification Authority (CA)
Registration Authority (RA)
Certificate Repository
Certificate Archive

123
Certification Authority (CA) The CA acts like a
trusted third-party which is made up of hardware,
software and the people operating it. It is in
charge of issuing, managing, authenticating,
signing and revoking of digital certificates.
Digital certificates are like evidence that shows
the binding between an entity and its public key.
Every CA is identified by its name and public
key. Therefore, certificates are signed by the CA
using its name and encrypted with its private key
to prove their authenticity. Verification of the
certificates is done by decrypting with the CAs
public key therefore, the CA must adequately
protect its private key. Registration Authority
(RA) Not everyone is entitled to possess a
digital certificate. The RA is set up to assist
the CA in verifying an entitys identity and
determines if it is eligible to have a public key
certificate issued.
124
Certificate Repository This is a database that
stores all the active digital certificates
managed by the CA. The repository is publicly
readable, but the CA is the only authorized
entity that can modify or update it. The
certificate repository also consists of a
Certificate Revocation List (CRL) which is
issued, time-stamped and signed by the CA. A CRL
contains unique information about revoked
certificates to enable relying entities to
determine a particular certificates
validity. Certificate Archive It contains old
certificates that were issued by the CA and valid
at that point in time. Therefore, if there are
any verification disputes on signatures of old
documents, archived certificates can be retrieved
to prove the authenticity of these documents.
125
Authentication using Public Key Infrastructure
(PKI) In order for authentication to take
place, there must be some sort of cryptography
system to be put in place. PKI supports the
authentication of users and systems by making use
of public key cryptography, which is the
cryptography system that PKI is based on.
126
Implementation of PKI
127
Cross Certification of PKIs
128
Digital Signature for Message-by-Message
Authentication
To Create the Digital Signature 1. Hash the
plaintext to create a brief message digest this
is NOT the Digital Signature. 2. Sign (encrypt)
the message digest with the senders private key
to create the digital signature. 3. Transmit the
plaintext digital signature, encrypted
with symmetric key encryption.
Plaintext
Hash
MD
Sign (Encrypt) with Senders Private Key
DS
129
Digital Signature for Message-by-Message
Authentication
4. Encrypted with Session Key
Sender
Receiver
130
Digital Signature for Message-by-Message
Authentication
To Test the Digital Signature 5. Hash the
received plaintext with the same hashing
algorithm the sender used. This gives the message
digest. 6. Decrypt the digital signature with
the senders public key. This also should give
the message digest. 7. If the two match,
the message is authenticated.
5.
6.
Received Plaintext
DS
Decrypt with True Partys Public Key
Hash
MD
MD
7. Are they equal?
131
Public Key Deception
Impostor I am the True Person. Here is TPs
public key. (Sends Impostors public key) Here
is authentication based on TPs private
key. (Really Impostors private key) Decryption
of message from Verifier encrypted with
Imposters public key, so Impostor can decrypt it
Verifier Must authenticate True
Person. Believes now has TPs public
key Believes True Person is authenticated based
on Impostors public key True Person, here is a
message encrypted with your public key.
Critical Deception
132
Important X.509 Digital Certificate Fields
Field
Description
Version Number
Version number of the X.509. Most certificates
follow Version 3. Different versions have
different fields. This figure reflects the
Version 3 standard.
Issuer
Name of the Certificate Authority (CA).
Serial Number
Unique serial number for the certificate, set by
the CA.
133
Important X.509 Digital Certificate Fields
Field
Description
Subject
The name of the person, organization, computer,
or program to which the certificate has been
issued. This is the true party.
Public Key
The public key of the subjectthe public key of
the true party.
Public Key Algorithm
The algorithm the subject uses to sign messages
with digital signatures.
134
Important X.509 Digital Certificate Fields
Field
Description
Valid Period
The period before which and after which the
certificate should not be used. Note Certificate
may be revoked before the end of this period.
Digital Signature
The digital signature of the certificate, signed
by the CA with the CAs own private
key. Provides authentication and certificate
integrity. User must know the CAs public key
independently.
135
Important X.509 Digital Certificate Fields
Field
Description
Signature Algorithm Identifier
The digital signature algorithm the CA uses to
sign its certificates.
136
Digital Signature and Digital Certificate in
Authentication
Digital Certificate
Digital Signature
Public Key of True Party
Signature to Be Tested with Public Key of True
Party
Authentication
137
Public Key Infrastructure (PKI) with a
Certificate Authority
Certificate Authority PKI Server
Verifier (Cheng)
6. Request Certificate Revocation List (CRL)
3. Request Certificate for Lee
7. Copy of CRL
5. Certificate for Lee
4. Certificate for Lee

Create
Distribute
Private Key
and
(2) Digital Certificate

Applicant (Lee)
Verifier (Brown)
138
Public Key Infrastructure (PKI)

Goals of PKI
Authenticate the user/system at the sending end
of a transaction
Authenticate the user/system at the receiving end
of a transaction
Non-repudiation
PKI components
Certification Authority (CA)
Registration Authority (RA)
Certificate Repository
Certificate Archive

139
Certification Authority (CA) The CA acts like a
trusted third-party which is made up of hardware,
software and the people operating it. It is in
charge of issuing, managing, authenticating,
signing and revoking of digital certificates.
Digital certificates are like evidence that shows
the binding between an entity and its public key.
Every CA is identified by its name and public
key. Therefore, certificates are signed by the CA
using its name and encrypted with its private key
to prove their authenticity. Verification of the
certificates is done by decrypting with the CAs
public key therefore, the CA must adequately
protect its private key. Registration Authority
(RA) Not everyone is entitled to possess a
digital certificate. The RA is set up to assist
the CA in verifying an entitys identity and
determines if it is eligible to have a public key
certificate issued.
140
Certificate Repository This is a database that
stores all the active digital certificates
managed by the CA. The repository is publicly
readable, but the CA is the only authorized
entity that can modify or update it. The
certificate repository also consists of a
Certificate Revocation List (CRL) which is
issued, time-stamped and signed by the CA. A CRL
contains unique information about revoked
certificates to enable relying entities to
determine a particular certificates
validity. Certificate Archive It contains old
certificates that were issued by the CA and valid
at that point in time. Therefore, if there are
any verification disputes on signatures of old
documents, archived certificates can be retrieved
to prove the authenticity of these documents.
141
Authentication using Public Key Infrastructure
(PKI) In order for authentication to take
place, there must be some sort of cryptography
system to be put in place. PKI supports the
authentication of users and systems by making use
of public key cryptography, which is the
cryptography system that PKI is based on.
142
Implementation of PKI
143
Cross Certification of PKIs
144
UNIT 4
Content

Access and Authentication Technology

Authentication methods PPP, PAP, CHAP, EAP

AAA, RADIUS, TACACS, TACACS, Kerberos

Authentication Header (AH)

Encapsulating Security Payload (ESP)

Virtual Private Networks (VPN) VPN Architectures

Authentication On Wireless LANs

145
VPN

VPN is used to provide secure network links
across networks
VPN is constructed on top of existing network
media and protocols
On protocol level IPsec is the first choice
Other protocols are PPTP, L2TP

146
VPN
147
VPN? Whats that?
A VPN is a service that simulates a PRIVATE link
over a PUBLIC network (usually a SP).
Ideally
Private Line (leased)
148
VPN? Whats that?
149
Access VPN Client Initiated
Internet
Encrypted IP
CorporateNetwork

Encrypted tunnel from the remote clientto the
corporate network
Independent of broadband access technology
Standards compliant
IPSec encapsulated tunnel
IKE key management

150
VPN Types Intranet VPN
Remote Office
Main Office
POP
Internet/ IP VPNs
POP
Remote Office
POP
Service Provider

Extends the connectionlessIP model across a
shared WAN
Reduces application development time
Reduces support costs
Reduces line costs

151
VPN Types Extranet VPN
Remote Office
Business Partner
POP
Internet/ IP VPNs
POP
Remote Office
Main Office
POP
Service Provider
Supplier
Customer

Extend connectivity to suppliers, customers, and
business partners
Over a shared infrastructure
Using dedicated connections
While ensuring proper level of authorized access

152
Requirements for a VPN
3.Data should not be altered (any
change should be detectable) (DATA INTEGRITY)
1.Identify and authenticate the other
party (AUTHENTICATION) 2.Un-authorized person
should not be able to intercept, record or
extract data (CONFIDENTIALITY)
4.Protection against replay attacks (SEQUEN

Write a Comment

User Comments (0)