Chapters 8 Network Security - PowerPoint PPT Presentation

1
Chapters 8: Network Security
  • Professor Rick Han
  • University of Colorado at Boulder
  • rhan_at_cs.colorado.edu

2
Announcements
  • HW 5 (short) due May 2
  • Programming Assignment 3 due May 2
  • Final Exam May 7, 4:30-7:00 pm
  • Comprehensive
  • In this room
  • Review next time
  • Last week's lectures on the Web
  • Next: IPsec, Firewalls

3
Recap of Previous Lecture
  • Authentication via Digital Signatures
  • Hash the document, encrypt the hash with your
    private key
  • Data Integrity via One-Way Hashes
  • Non-Repudiation comes for free with public-key
    authentication
  • Key distribution via Digital Certificates from a
    trusted Certificate Authority
  • SSL/TLS
  • Public key handshake to negotiate secret session
    key
  • HTTPS = HTTP over SSL/TLS

4
Symmetric Key Distribution
  • Key distribution
  • Public key via trusted Certificate Authorities
  • Symmetric key?
  • Diffie-Hellman Key Exchange
  • Public key, then secret key (e.g. SSL)
  • Symmetric Key distribution via a KDC (Key
    Distribution Center)

5
Symmetric Key Distribution (2)
  • Symmetric Key distribution via a KDC (Key
    Distribution Center)
  • KDC is a server (trusted 3rd party) sharing a
    different symmetric key with each registered user
  • Alice wants to talk with Bob, and sends an encrypted
    request to the KDC: KA-KDC(Alice, Bob)
  • KDC generates a one-time shared secret key R1
  • KDC encrypts Alice's identity and R1 with Bob's
    secret key; let m = KB-KDC(Alice, R1)
  • KDC sends Alice both R1 and m, encrypted with
    Alice's key, i.e. KA-KDC(R1, KB-KDC(Alice, R1))
  • Alice decrypts message, extracting R1 and m.
    Alice sends m to Bob.
  • Bob decrypts m and now has the session key R1

6
Symmetric Key Distribution (3)
  • Kerberos authentication basically follows this
    KDC trusted 3rd party approach
  • In Kerberos, the message m is called a ticket and
    has an expiration time
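The KDC exchange of slides 5 and 6, run end to end as an added example (constructed code, not the lecture's). The cipher is a toy (SHA-256 counter-mode keystream plus an HMAC tag) standing in for the KA-KDC(...) / KB-KDC(...) notation, and the "expires" field in the ticket is an assumption modelled on the Kerberos remark in slide 6; the `run_exchange` and `tampered_ticket_rejected` helpers are mine.

```python
# Added example: the KDC exchange of slides 5 and 6, run end to end.
# Constructed code, not from the lecture. The cipher is a toy
# (SHA-256 counter-mode keystream + HMAC tag) standing in for the
# lecture's KA-KDC(...) notation; the ticket "expires" field is an
# assumption modelled on the Kerberos remark in slide 6.
import hashlib
import hmac
import json
import os
import time


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Derive `length` keystream bytes from key, nonce and a block counter."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]


def encrypt(key: bytes, plaintext: bytes) -> bytes:
    """Toy authenticated encryption: XOR with keystream, then HMAC over nonce+ciphertext."""
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def decrypt(key: bytes, blob: bytes) -> bytes:
    """Verify the tag first; only then strip the keystream off."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("bad tag: wrong key or tampered message")
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct))))


class KDC:
    """Trusted third party holding one long-term symmetric key per registered user."""

    def __init__(self, ticket_lifetime: int = 300):
        self.keys = {}
        self.ticket_lifetime = ticket_lifetime

    def register(self, name: str) -> bytes:
        self.keys[name] = os.urandom(32)
        return self.keys[name]

    def handle_request(self, sender: str, request: bytes) -> bytes:
        """Step 2: decrypt KA-KDC(Alice, Bob), mint R1, build the ticket m, reply."""
        req = json.loads(decrypt(self.keys[sender], request))
        r1 = os.urandom(32)                       # one-time session key
        ticket_body = {"peer": sender, "R1": r1.hex(),
                       "expires": time.time() + self.ticket_lifetime}
        m = encrypt(self.keys[req["to"]], json.dumps(ticket_body).encode())
        reply = {"R1": r1.hex(), "ticket": m.hex()}
        return encrypt(self.keys[sender], json.dumps(reply).encode())


def run_exchange() -> dict:
    """Run Alice -> KDC -> Alice -> Bob and return what each side ends up holding."""
    kdc = KDC()
    ka, kb = kdc.register("Alice"), kdc.register("Bob")
    # Step 1: Alice -> KDC: KA-KDC(Alice, Bob)
    request = encrypt(ka, json.dumps({"from": "Alice", "to": "Bob"}).encode())
    # Steps 2-3: KDC -> Alice: KA-KDC(R1, KB-KDC(Alice, R1))
    reply = json.loads(decrypt(ka, kdc.handle_request("Alice", request)))
    alice_r1, m = bytes.fromhex(reply["R1"]), bytes.fromhex(reply["ticket"])
    # Alice can forward m but cannot open it: it is under Bob's key, not hers.
    try:
        decrypt(ka, m)
        alice_opened_ticket = True
    except ValueError:
        alice_opened_ticket = False
    # Step 4: Alice -> Bob: m.  Step 5: Bob decrypts m and checks the expiry.
    ticket = json.loads(decrypt(kb, m))
    if ticket["expires"] < time.time():
        raise ValueError("expired ticket")
    return {"alice_r1": alice_r1, "bob_r1": bytes.fromhex(ticket["R1"]),
            "bob_peer": ticket["peer"], "alice_opened_ticket": alice_opened_ticket}


def tampered_ticket_rejected() -> bool:
    """Flipping one bit of m makes Bob's tag check fail instead of yielding a bogus R1."""
    kdc = KDC()
    ka, kb = kdc.register("Alice"), kdc.register("Bob")
    request = encrypt(ka, json.dumps({"from": "Alice", "to": "Bob"}).encode())
    m = bytes.fromhex(json.loads(decrypt(ka, kdc.handle_request("Alice", request)))["ticket"])
    forged = m[:20] + bytes([m[20] ^ 0x01]) + m[21:]
    try:
        decrypt(kb, forged)
        return False
    except ValueError:
        return True


if __name__ == "__main__":
    print(run_exchange())
    print("tampered ticket rejected:", tampered_ticket_rejected())
```

The point the code makes beyond the slide: Alice never learns anything from m except that she must forward it, Bob learns from m who is calling without a separate message, and both ends hold the same R1 only because each of their long-term keys was used once by the KDC.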

7
IPsec
  • IP security protocol is a suite of protocols for
    security at the network layer
  • Provides data confidentiality/secrecy: encrypts
    the IP payload (not the header, except when
    tunneling)
  • All higher-layer information is encrypted,
    including TCP/UDP port numbers
  • Called the Encapsulation Security Payload (ESP)
    protocol
  • Provides source authentication and data integrity
  • Authenticates the source to make sure the sender
    is not spoofing IP addresses
  • Called the Authentication Header (AH) protocol

8
IPsec (2)
  • ESP protocol provides network-layer secrecy,
    source host authentication and data integrity
  • TCP/UDP segment is surrounded by header and
    trailer fields
  • DES-CBC encryption of TCP/UDP segment + trailer
  • Trailer lists the Protocol of the segment (TCP,
    or UDP, or ...). Hidden from observers.
  • Normal IP routing using the IP header. Destination
    sees Protocol = 50 and decrypts the ESP packet

9
IPsec (3)
  • Authentication field contains digital signature
    of entire original IP datagram (same as AH
    signature)
  • Signed message hash over IP header + TCP/UDP
    segment, including the IP source address
  • Can't spoof an IP address or tamper with the IP
    header without being detected

10
IPsec (4)
  • AH protocol provides source authentication and
    data integrity, but not secrecy
  • Insert an AH header between the IP header and the
    TCP/UDP segment (indicated by Protocol = 51)
  • Next Header field indicates whether the segment is
    TCP, UDP, etc.
  • Authentication Data field contains a digital
    signature, or signed message digest, calculated
    over the original IP datagram
  • Provides source authentication
  • Provides datagram integrity (tamper check)
  • Digital signature algorithm could be DES, MD5, or
    SHA; negotiated

11
IPsec (5)
Logical Security Agreement
  • The two IP endpoints set up a logical connection
    called a Security Agreement (SA)
  • Simplex/unidirectional end-to-end security
  • Uniquely identified by a 3-tuple: the security
    protocol (AH or ESP), source IP address, and a
    32-bit ID called the Security Parameter Index (SPI)
  • Key management in an SA governed either by
    Internet Key Exchange (IKE) algorithm or Internet
    Security Association and Key Management Protocol
    (ISAKMP)

12
IPsec (6)
Encrypted IP datagrams
  • Some implications
  • NATs will no longer work when dealing with
    IPsec-encrypted IP datagrams. Why?
  • NATs are transparent yet also require knowledge
    of the TCP source port, and this is encrypted by IPsec!
  • Also, NATs require changing the source port and
    source IP address, but a NAT can't modify the
    digital signature (which prevents undetectable
    tampering)
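An added example of the AH-style tamper check from slides 9 and 10, and of the NAT consequence from slide 12 (constructed code, not the lecture's). HMAC-SHA256 stands in for whatever Authentication Data algorithm the SA negotiated, the `Datagram` layout is a simplification of a real IP header, and the addresses and SA key are made up.

```python
# Added example: an AH-style integrity check (slides 9 and 10) and why a NAT
# cannot rewrite the source address under it (slide 12). Constructed code, not
# from the lecture. HMAC-SHA256 stands in for the negotiated Authentication
# Data algorithm; the field layout is a simplification of a real IP header.
import hashlib
import hmac
from dataclasses import dataclass, replace


@dataclass(frozen=True)
class Datagram:
    src: str          # IP source address, covered by the signature
    dst: str
    ttl: int          # changed by every router, so NOT covered
    protocol: int     # Next Header: 6 = TCP, 17 = UDP
    payload: bytes    # the TCP/UDP segment, including its ports


def _covered_bytes(d: Datagram) -> bytes:
    """Bytes the Authentication Data is computed over: IP header fields that
    must not change in transit, plus the whole segment. Real AH zeroes the
    mutable fields (TTL, checksum) rather than omitting them; same effect."""
    return b"|".join([d.src.encode(), d.dst.encode(),
                      d.protocol.to_bytes(1, "big"), d.payload])


def ah_sign(key: bytes, d: Datagram) -> bytes:
    """Produce the Authentication Data field for the SA identified by `key`."""
    return hmac.new(key, _covered_bytes(d), hashlib.sha256).digest()


def ah_verify(key: bytes, d: Datagram, auth_data: bytes) -> bool:
    """Receiver's tamper check; constant-time compare so timing leaks nothing."""
    return hmac.compare_digest(ah_sign(key, d), auth_data)


def router_hop(d: Datagram) -> Datagram:
    """A normal router only decrements TTL, which the signature does not cover."""
    return replace(d, ttl=d.ttl - 1)


def nat_rewrite(d: Datagram, public_ip: str) -> Datagram:
    """A NAT swaps the private source address for its public one. It holds no
    SA key, so it cannot produce a fresh Authentication Data field."""
    return replace(router_hop(d), src=public_ip)


def demo() -> dict:
    key = b"constructed SA key, never reuse"          # constructed sample key
    original = Datagram("10.0.0.5", "203.0.113.9", 64, 6, b"TCP seg sport=40000 dport=80")
    auth_data = ah_sign(key, original)
    return {
        "intact": ah_verify(key, original, auth_data),
        "after_router_hop": ah_verify(key, router_hop(original), auth_data),
        "after_nat": ah_verify(key, nat_rewrite(original, "198.51.100.1"), auth_data),
        "spoofed_source": ah_verify(key, replace(original, src="10.0.0.99"), auth_data),
        "tampered_segment": ah_verify(
            key, replace(original, payload=b"TCP seg sport=40000 dport=23"), auth_data),
        "wrong_sa_key": ah_verify(b"some other SA", original, auth_data),
    }


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name:18s} {'verifies' if ok else 'REJECTED'}")
```

Only the TTL-decrement case survives verification; the NAT rewrite fails for exactly the reason slide 12 gives, and it would fail even if the NAT left the address alone but changed the source port, since the port sits inside the covered segment.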

13
IPsec (7)
(Figure: two Secure Intranets joined by a Secure Tunnel over Insecure IP routing; the tunnel is labelled "Virtual" and "Private")
  • Some implications
  • Virtual Private Networks (VPNs) are created and
    connected using IPsec
  • Create IPsec gateways that tunnel/encapsulate
    across the insecure Internet
  • IPsec provides confidentiality

14
IPsec (8)
  • May want to use IPsec over your corporate
    intranet, even though the intranet is protected
    by a firewall
  • Protects against eavesdropping, tampering, and
    spoofing from the inside, i.e. disgruntled
    employees
  • IPsec has been proposed as part of a wireless
    solution to overcome WEP's security flaws
  • How widely deployed?
  • In Windows 2000/XP, some Linux flavors (SuSE 8.0;
    patch others with the open-source IPsec
    implementation called FreeS/WAN), firewalls, Cisco
    routers
  • Philosophy: if I have SSL end-to-end security, why
    do I need IPsec end-to-end security?
  • Headers still exposed and could reveal info

15
Firewalls
  • We've already seen two kinds of firewalls in
    action
  • NATs act as filter-based firewalls
  • HTTP proxies can act as proxy-based firewalls
  • Firewalls address the Availability problem in
    security
  • Guaranteeing access to legitimate users;
    prevention of Denial-of-Service (DoS) attacks
    against a corporate intranet

16
Firewalls (2)
  • Filter-based firewall can by default implement a
    policy that
  • Admits packets not on a list, OR
  • Only admits packets on a list
  • The firewall's list/table will contain 5-tuples
  • <source IP addr, source TCP/UDP port, destination
    IP address, destination TCP/UDP port, protocol>
  • Can specify wildcards, e.g. <128.92.0.3, *,
    192.12.13.14, 80, TCP> could mean to let pass all
    TCP packets with source addr 128.92.0.3 and any
    source port which are destined for 192.12.13.14
    port 80.

17
Firewalls (3)
  • Sample policy 1: filter-based firewalls can
    block all inbound packets claiming a source IP
    address from within the intranet
  • Thus, the interface from which a packet arrives
    is as important as the IP header info
  • Prevents easy spoofing of source IP addresses
  • Sample policy 2: filtering all inbound UDP
    packets is popular among corporations to block
    external video on the intranet
  • What about DNS?
  • Can limit to a few inbound ports from trusted DNS
    servers
  • Can also remember that you're expecting a
    response from a particular DNS server.
  • Can't entirely eliminate spoofing of external
    addresses though

18
Firewalls (4)
  • Sample policy 3: enable all outgoing TCP
    connections but block all incoming TCP
    connections
  • Looks inside TCP packets and rejects all inbound
    SYN attempts
  • Variation: look inside TCP packets and reject all
    inbound packets with the TCP ACK bit set to 0;
    this accomplishes the same effect as rejecting
    inbound SYNs
  • TCP ACK bit is set to 0 only for the first segment of
    a TCP connection; otherwise it is set to 1 for
    responses
  • Layer 4 switch

19
Firewalls (5)
  • Sample policy 4: packet-filtering firewalls can
    reject all inbound packets from a block of
    addresses
  • Some ISPs have in the past rejected all packets
    with IP source addresses from China because
    hackers often use insecure servers in China to
    launch DoS attacks

20
Firewalls (6)
  • FTP and firewalls
  • FTPing from an intranet client to an external
    server creates both an outbound control
    connection (port 21) and an inbound TCP data
    connection (port 20)
  • The inbound data connection gets blocked by a
    firewall implementing sample policy 3
  • Solution: the server supports the PASV option,
    chooses a port > 1023, informs the client of its
    port via the control channel, then the client
    initiates a TCP connection to the server's chosen
    port through the firewall
  • Most Web browsers support the PASV option but not
    all FTP servers
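An added example that puts slides 16 through 20 together in one packet filter: 5-tuple rules with "*" wildcards as in slide 16, sample policies 1 to 4 from slides 17 to 19, and the active versus PASV FTP data connection from slide 20 (constructed code, not the lecture's). The intranet block 128.92.0.0/16 is assumed from the slide 16 host 128.92.0.3; the blocked address block, the trusted DNS server, the rule table and every packet in `demo` are made up.

```python
# Added example: a packet-filtering firewall with 5-tuple wildcard rules
# (slide 16) and the four sample policies of slides 17-19, plus the FTP
# active/passive case of slide 20. Constructed code, not from the lecture;
# the address blocks, the trusted DNS server and the rule table are assumptions.
import ipaddress
from dataclasses import dataclass
from typing import Optional, Tuple

INTRANET = ipaddress.ip_network("128.92.0.0/16")             # our side (assumed)
BLOCKED_SOURCES = [ipaddress.ip_network("203.0.113.0/24")]   # policy 4 block (assumed)
TRUSTED_DNS = {"198.51.100.53"}                              # policy 2 exception (assumed)


@dataclass(frozen=True)
class Packet:
    iface: str                  # "ext": arrived from the Internet, "int": from the intranet
    src: str
    sport: Optional[int]
    dst: str
    dport: Optional[int]
    proto: str                  # "TCP" or "UDP"
    ack: Optional[int] = None   # TCP ACK bit; None for UDP


@dataclass(frozen=True)
class Rule:
    """One 5-tuple allow entry; "*" is a wildcard, as in <128.92.0.3, *, 192.12.13.14, 80, TCP>."""
    src: object
    sport: object
    dst: object
    dport: object
    proto: object


def rule_matches(rule: Rule, pkt: Packet) -> bool:
    pairs = [(rule.src, pkt.src), (rule.sport, pkt.sport), (rule.dst, pkt.dst),
             (rule.dport, pkt.dport), (rule.proto, pkt.proto)]
    return all(pattern == "*" or pattern == value for pattern, value in pairs)


def filter_packet(pkt: Packet, allow_rules) -> Tuple[bool, str]:
    """Return (admitted?, reason). Inbound sanity policies run first, then the
    allow-list with a default deny ("only admits packets on a list")."""
    src = ipaddress.ip_address(pkt.src)
    if pkt.iface == "ext":
        # Policy 1: the arrival interface matters as much as the header.
        if src in INTRANET:
            return False, "policy 1: intranet source address arriving from outside"
        # Policy 4: reject whole address blocks.
        if any(src in block for block in BLOCKED_SOURCES):
            return False, "policy 4: source in blocked address block"
        # Policy 2: no inbound UDP, except replies from trusted DNS servers.
        if pkt.proto == "UDP" and not (pkt.sport == 53 and pkt.src in TRUSTED_DNS):
            return False, "policy 2: inbound UDP blocked"
        # Policy 3: ACK=0 marks the first segment of a connection, i.e. an inbound SYN.
        if pkt.proto == "TCP" and pkt.ack == 0:
            return False, "policy 3: inbound TCP connection attempt"
    for rule in allow_rules:
        if rule_matches(rule, pkt):
            return True, "matched allow rule"
    return False, "default deny: no matching rule"


RULES = [
    Rule("128.92.0.3", "*", "*", "*", "*"),               # anything outbound from our host
    Rule("*", "*", "128.92.0.3", "*", "TCP"),             # inbound TCP to it (SYNs already dropped)
    Rule("198.51.100.53", 53, "128.92.0.3", "*", "UDP"),  # trusted DNS replies
]


def demo() -> dict:
    host, web, ftp = "128.92.0.3", "192.12.13.14", "192.0.2.21"
    cases = {
        "outbound_http":    Packet("int", host, 40000, web, 80, "TCP", ack=0),
        "http_reply":       Packet("ext", web, 80, host, 40000, "TCP", ack=1),
        "inbound_syn":      Packet("ext", web, 33333, host, 22, "TCP", ack=0),
        "spoofed_intranet": Packet("ext", "128.92.0.7", 1234, host, 80, "TCP", ack=1),
        "blocked_block":    Packet("ext", "203.0.113.5", 1234, host, 80, "TCP", ack=1),
        "dns_reply":        Packet("ext", "198.51.100.53", 53, host, 5353, "UDP"),
        "stray_udp":        Packet("ext", web, 9999, host, 5004, "UDP"),
        # Active FTP: the server opens the data connection from port 20 inward -> blocked.
        "ftp_active_data":  Packet("ext", ftp, 20, host, 40001, "TCP", ack=0),
        # PASV FTP: the client opens the data connection outward to a port > 1023 -> passes.
        "ftp_pasv_data":    Packet("int", host, 40002, ftp, 51000, "TCP", ack=0),
    }
    return {name: filter_packet(pkt, RULES) for name, pkt in cases.items()}


if __name__ == "__main__":
    for name, (ok, why) in demo().items():
        print(f"{name:17s} {'PASS' if ok else 'DROP'}  ({why})")
```

The ordering is deliberate: the interface-based checks (policies 1 and 4) run before anything in the header is trusted, and the ACK-bit test (policy 3) sits ahead of the allow-list so that a permissive "inbound TCP to our host" rule still never admits a connection attempt, which is exactly why the active-mode FTP data connection is dropped while the PASV one goes through.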