By: Nasoor Bagheri ([email protected]) Network Security In the name of god.

55
By: Nasoor Bagheri ([email protected]) Network Security In the name of god

Transcript of By: Nasoor Bagheri ([email protected]) Network Security In the name of god.

Page 1: By: Nasoor Bagheri (na_bagheri@yahoo.com) Network Security In the name of god.

By: Nasoor Bagheri ([email protected])

Network Security

In the name of god

Page 2: By: Nasoor Bagheri (na_bagheri@yahoo.com) Network Security In the name of god.

Introduction• In most systems security is an important

concern—Communications should be secure against

eavesdropping and tampering—Servers/clients should be able to verify the

identity of their clients/servers—The originator of a message should be

verifiable after the message has been delivered

Page 3: By: Nasoor Bagheri (na_bagheri@yahoo.com) Network Security In the name of god.

Security Requirements• Confidentiality• Integrity• Availability• Authenticity

Page 4: By: Nasoor Bagheri (na_bagheri@yahoo.com) Network Security In the name of god.

Security Levels• unconditional security

—no matter how much computer power is available, the cipher cannot be broken since the ciphertext provides insufficient information to uniquely determine the corresponding plaintext

• computational security —given limited computing resources (eg time

needed for calculations is greater than age of universe), the cipher cannot be broken

Page 5: By: Nasoor Bagheri (na_bagheri@yahoo.com) Network Security In the name of god.

Evolution of System Security

1965-75 1975-89 1990-99 Current

Platforms Multi-usertimesharingcomputers

Distributed systemsbased on localnetworks

The Internet, wide-area services

The Internet + mobiledevices

Sharedresources

Memory, files Local services (e.g.NFS), local networks

Email, web sites,Internet commerce

Distributed objects,mobile code

Securityrequirements

User identification andauthentication

Protection of services Strong security forcommercialtransactions

Access control forindividual objects,secure mobile code

Securitymanagementenvironment

Single authority,single authorizationdatabase (e.g. /etc/passwd)

Single authority,delegation, repli-cated authorizationdatabases (e.g. NIS)

Many authorities,no network-wideauthorities

Per-activityauthorities, groupswith sharedresponsibilities

Page 6: By: Nasoor Bagheri (na_bagheri@yahoo.com) Network Security In the name of god.

Techniques• Security mechanisms are based on three

techniques—Cryptography

• Used to conceal information• Used in support of authentication• Used to implement digital signatures

—Authentication• Validate the identity of the sender

—Access Control• Allow resources to be accessed only by authorized

individuals

Page 7: By: Nasoor Bagheri (na_bagheri@yahoo.com) Network Security In the name of god.

Goals• Authentication: Are you who you claim to be?• Authorization: Are you authorized to do this?• Integrity: Is the message what the user has

sent?• Confidentiality: Can one read this?• Availability (Denial-of-service attacks)• Accountability (Non-repudiation): How can

we prove that the message was indeed sent by the sender?

Page 8: By: Nasoor Bagheri (na_bagheri@yahoo.com) Network Security In the name of god.

Tools• Cryptography: Symmetric and

asymmetric• Symmetric: A single secret key for

encryption and decryption• Asymmetric: A key pair: Public key and

private key; sender encrypts using key owner’s public key; key owner decrypts using corresponding private key

Page 9: By: Nasoor Bagheri (na_bagheri@yahoo.com) Network Security In the name of god.

Tools (contd.)• Encryption/Decryption algorithms• Digital signatures: Sender uses private key to

generate a special tag and appends to the message. Receiver cross checks the integrity by rechecking with the sender’s public key. (Third party can resolve a dispute)

• Message authentication code (MAC): Secret key, when applied on a message, gives MAC. The receiver can regenerate the MAC and ensure the integrity of the message

• Cryptographic hash functions

Page 10: By: Nasoor Bagheri (na_bagheri@yahoo.com) Network Security In the name of god.

Security• Persons managing the security of a valued

resource consider—Prevention: taking measures that prevent damage.

• E.g., one-time passwords (s/key)

—Detection: measures that allow detection of when an asset has been damaged, altered, or copied.

• E.g., intrusion detection, network forensics

—Risk assessment: the value of a resource should determine how much effort (or money) is spent protecting it.

• E.g., If you have nothing in your house of value do you need to lock your doors other than to protect the house itself?

• If you have an $16,000,000 artwork, you might consider a security guard.

Page 11: By: Nasoor Bagheri (na_bagheri@yahoo.com) Network Security In the name of god.

Threats and Form of Attacks• Security threats common to computer

systems fall into four broad classes—Leakage

• Acquisition of information by unauthorized parties

—Tampering• The unauthorized alteration of information

—Resource Stealing• use of facilities without authorization

—Vandalism• interference with proper operation

• 2 main categories of attack: passive and active.

Page 12: By: Nasoor Bagheri (na_bagheri@yahoo.com) Network Security In the name of god.

Passive Attacks• Eavesdropping on transmissions to obtain

information• Release of message contents

—Outsider learns content of transmission

• Traffic analysis—By monitoring frequency and length of

messages, even encrypted, nature of communication may be guessed

• Difficult to detect• Can be prevented

Page 13: By: Nasoor Bagheri (na_bagheri@yahoo.com) Network Security In the name of god.

Active Attacks• Masquerade

—Pretending to be a different entity

• Replay• Modification of messages• Denial of service• Easy to detect

—Detection may lead to deterrent

• Hard to prevent

Page 14: By: Nasoor Bagheri (na_bagheri@yahoo.com) Network Security In the name of god.

Methods of attack• Eavesdropping• Replaying

DoOperation...

(continue)

GetRequest.

execute.

SendReply

replayeaves-drop

Page 15: By: Nasoor Bagheri (na_bagheri@yahoo.com) Network Security In the name of god.

Methods of attack cont.• Masquerading

GetRequest.

execute.

SendReply

clientimposter

DoOperation...

(continue)

serverimposter

Page 16: By: Nasoor Bagheri (na_bagheri@yahoo.com) Network Security In the name of god.

• The most widely used tool for securing information and services is cryptography.

• Cryptography relies on ciphers: mathematical function used for encryption and decryption of a message.—Encryption: the process of disguising a message in such

a way as to hide its substance. —Ciphertext: an encrypted message—Decryption: the process of returning an encrypted

message back into plaintext.

Cryptography

Encryption DecryptionPlaintext Ciphertext

OriginalPlaintext

Page 17: By: Nasoor Bagheri (na_bagheri@yahoo.com) Network Security In the name of god.

Example Ciphers• Caesar cipher: each plaintext characters is

replaced by a character k to the right.—“Watch out for Brutus!” => “Jngpu bhg sbe Oehghf!”—Only 25 choices! Not hard to break by brute force.

• Substitution Cipher: each character in plaintext is replaced by a corresponding character of ciphertext.—E.g., cryptograms in newspapers.

plaintext code: a b c d e f g h i j k l m n o p q r s t u v w x y z

ciphertext code: m n b v c x z a s d f g h j k l p o i u y t r e w q

• 26! Possible pairs.

Page 18: By: Nasoor Bagheri (na_bagheri@yahoo.com) Network Security In the name of god.

Ciphers• For some message M, let’s denote the encryption

of that message into cipher text asEk(M) = C

Similarly, the decryption into plain text asDk(C) = M

Notice,Dk(Ek(M)) = M symmetric key algorithms.

Some algorithms use different keys for each operation: Dk1(Ek2(M))= M public-key algorithms.

Page 19: By: Nasoor Bagheri (na_bagheri@yahoo.com) Network Security In the name of god.

Figure 16.1 Simplified Model of Symmetric Encryption

Page 20: By: Nasoor Bagheri (na_bagheri@yahoo.com) Network Security In the name of god.

Ingredients• Plain text• Encryption algorithm• Secret key• Cipher text• Decryption algorithm

Page 21: By: Nasoor Bagheri (na_bagheri@yahoo.com) Network Security In the name of god.

Requirements for Security• Strong encryption algorithm

—Even if known, should not be able to decrypt or work out key

—Even if a number of cipher texts are available together with plain texts of them

• Sender and receiver must obtain secret key securely

• Once key is known, all communication using this key is readable

Page 22: By: Nasoor Bagheri (na_bagheri@yahoo.com) Network Security In the name of god.

Attacking Encryption• Cryptanalysis

—Relay on nature of algorithm plus some knowledge of general characteristics of plain text

—Attempt to deduce plain text or key

• Brute force—Try every possible key until plain text is

achieved

Page 23: By: Nasoor Bagheri (na_bagheri@yahoo.com) Network Security In the name of god.

Timing Attacks• developed in mid-1990’s• exploit timing variations in operations

—eg. multiplying by small vs large number —or IF's varying which instructions executed

• infer operand size based on time taken • RSA exploits time taken in exponentiation• countermeasures

—use constant exponentiation time—add random delays—blind values used in calculations

Page 24: By: Nasoor Bagheri (na_bagheri@yahoo.com) Network Security In the name of god.

plaintext EncryptEncrypt DecryptDecrypt

Ke Kd

C = EKe(plaintext)

InvaderInvaderSide information plaintext

plaintext

Cryptanalysis

Cryptanalysis

Page 25: By: Nasoor Bagheri (na_bagheri@yahoo.com) Network Security In the name of god.

Cryptanalysis• Cryptanalysis is the science of recovering the

plaintext of a message without access to the key.• Doesn’t have to discover the key necessarily.• The loss of a key without cryptanalysis is called a

compromise.

• Ciphertext-only attack— The attacker has to recover the plaintext from only the

ciphertext.

• Known-plaintext attack— Portions of the cipher are known as plaintext. The rest may be

easier to recover

• Chosen-plaintext attack— The attacker can choose what plaintext to encrypt, again

making it easier to recover other ciphertext.

Page 26: By: Nasoor Bagheri (na_bagheri@yahoo.com) Network Security In the name of god.

Encryption Algorithms• Block cipher

—Process plain text in fixed block sizes producing block of cipher text of equal size

—Data encryption standard (DES)—Triple DES (TDES)—Advanced Encryption Standard

Page 27: By: Nasoor Bagheri (na_bagheri@yahoo.com) Network Security In the name of god.

Simple Block Cipher

B2 B1 B0

encrypt

Plaintext message

B3

B3

B2B1B0

Page 28: By: Nasoor Bagheri (na_bagheri@yahoo.com) Network Security In the name of god.

Problem• If the same block is encrypted twice with

the same key, the resulting ciphertext blocks are the same—It is desirable to make identical plaintext blocks

encrypt to different ciphertext blocks.

• Two methods are commonly used for this:—CBC mode: a ciphertext block is obtained by

first xoring the plaintext block with the previous ciphertext block, and encrypting the resulting value.

—CFB mode: a ciphertext block is obtained by encrypting the previous ciphertext block, and xoring the resulting value with the plaintext.

Page 29: By: Nasoor Bagheri (na_bagheri@yahoo.com) Network Security In the name of god.

CBC

encrypt

BnBn-1Bn-2Bn-3

XORBn+1Bn+2Bn+3Bn+4

Page 30: By: Nasoor Bagheri (na_bagheri@yahoo.com) Network Security In the name of god.

Stream Ciphers• For some applications encryption in blocks

will not work—Telephone conversation—Radio Broadcast—…

• White noise…

Page 31: By: Nasoor Bagheri (na_bagheri@yahoo.com) Network Security In the name of god.

Stream Cipher

encrypt

XOR

K0K1K2K3

numbergenerator

keystream

buffer

Plaintext stream

Encrypted stream

Page 32: By: Nasoor Bagheri (na_bagheri@yahoo.com) Network Security In the name of god.

Data Encryption Standard• US standard• 64 bit plain text blocks• 56 bit key• Broken in 1998 by Electronic Frontier

Foundation—Special purpose machine—Less than three days—DES now worthless

Page 33: By: Nasoor Bagheri (na_bagheri@yahoo.com) Network Security In the name of god.

Triple DEA• ANSI X9.17 (1985)• Incorporated in DEA standard 1999• Uses 3 keys and 3 executions of DEA

algorithm• Effective key length 112 or 168 bit• Slow• Block size (64 bit) too small

Page 34: By: Nasoor Bagheri (na_bagheri@yahoo.com) Network Security In the name of god.

Advanced Encryption Standard• National Institute of Standards and Technology

(NIST) in 1997 issued call for Advanced Encryption Standard (AES)—Security strength equal to or better than 3DES—Improved efficiency—Symmetric block cipher—Block length 128 bits—Key lengths 128, 192, and 256 bits—Evaluation include security, computational efficiency,

memory requirements, hardware and software suitability, and flexibility

—2001, AES issued as federal information processing standard (FIPS 197)

Page 35: By: Nasoor Bagheri (na_bagheri@yahoo.com) Network Security In the name of god.

AES Description• Assume key length 128 bits• Input is single 128-bit block

—Depicted as square matrix of bytes—Block copied into State array

• Modified at each stage—After final stage, State copied to output matrix

• 128-bit key depicted as square matrix of bytes—Expanded into array of key schedule words—Each four bytes—Total key schedule 44 words for 128-bit key

• Byte ordering by column—First four bytes of 128-bit plaintext input occupy first column

of in matrix—First four bytes of expanded key occupy first column of w

matrix

Page 36: By: Nasoor Bagheri (na_bagheri@yahoo.com) Network Security In the name of god.

Location of Encryption DevicesFigure: Encryption Across a Packet Switching Network

Page 37: By: Nasoor Bagheri (na_bagheri@yahoo.com) Network Security In the name of god.

Link Encryption• Each communication link equipped at both

ends• All traffic secure• High level of security• Requires lots of encryption devices• Message must be decrypted at each

switch to read address (virtual circuit number)

• Security vulnerable at switches—Particularly on public switched network

Page 38: By: Nasoor Bagheri (na_bagheri@yahoo.com) Network Security In the name of god.

End to End Encryption• Encryption done at ends of system• Data in encrypted form crosses network

unaltered• Destination shares key with source to

decrypt• Host can only encrypt user data

—Otherwise switching nodes could not read header or route packet

• Traffic pattern not secure

• Use both link and end to end

Page 39: By: Nasoor Bagheri (na_bagheri@yahoo.com) Network Security In the name of god.

Key DistributionQuestion: How to deliver a shared key to 2 parties that wish to exchange data without others to see the key?

• Key selected by A and delivered to B• Third party selects key and delivers to A

and B• Use old key to encrypt and transmit new

key from A to B• Use old key to transmit new key from third

party to A and B

Page 40: By: Nasoor Bagheri (na_bagheri@yahoo.com) Network Security In the name of god.

Message Authentication• Protection against active attacks

—Falsification of data—Eavesdropping

• Message is authentic if it is genuine and comes from the alleged source

• Authentication allows receiver to verify that message is authentic—Message has not altered—Message is from authentic source—Message timeline

Page 41: By: Nasoor Bagheri (na_bagheri@yahoo.com) Network Security In the name of god.

Authentication Using Encryption• Assumes sender and receiver are only

entities that know key• Message includes:

—error detection code —sequence number—time stamp

Page 42: By: Nasoor Bagheri (na_bagheri@yahoo.com) Network Security In the name of god.

Authentication Without Encryption• Authentication tag generated and

appended to each message• Message not encrypted• Useful for:

—Messages broadcast to multiple destinations• Have one destination responsible for authentication

—One side heavily loaded• Encryption adds to workload• Can authenticate random messages

—Programs authenticated without encryption can be executed without decoding

Page 43: By: Nasoor Bagheri (na_bagheri@yahoo.com) Network Security In the name of god.

Message Authentication Code• Generate authentication code based on

shared key and message• Common key shared between A and B• If only sender and receiver know key and

code matches:—Receiver assured message has not altered—Receiver assured message is from alleged

sender—If message has sequence number, receiver

assured of proper sequence

Page 44: By: Nasoor Bagheri (na_bagheri@yahoo.com) Network Security In the name of god.

Figure : Message Authentication Using a Message Authentication Code

Page 45: By: Nasoor Bagheri (na_bagheri@yahoo.com) Network Security In the name of god.

One Way Hash Function• Accepts variable size message and

produces fixed size tag (message digest)• Advantages of authentication without

encryption—Encryption is slow—Encryption hardware expensive—Encryption hardware optimized to large data—Algorithms covered by patents—Algorithms subject to export controls (from

USA)

Page 46: By: Nasoor Bagheri (na_bagheri@yahoo.com) Network Security In the name of god.

Secure Hash Functions• Hash function must have following

properties:—Can be applied to any size data block—Produce fixed length output—Easy to compute—Not feasible to reverse—Not feasible to find two message that give the

same hash

Page 47: By: Nasoor Bagheri (na_bagheri@yahoo.com) Network Security In the name of god.

SHA-1• Secure Hash Algorithm 1• Input message less than 264 bits

—Processed in 512 bit blocks

• Output 160 bit digest

Page 48: By: Nasoor Bagheri (na_bagheri@yahoo.com) Network Security In the name of god.

Public Key Encryption• Based on mathematical algorithms• Asymmetric

—Use two separate keys

• Ingredients—Plain text—Encryption algorithm—Public and private key—Cipher text—Decryption algorithm

Page 49: By: Nasoor Bagheri (na_bagheri@yahoo.com) Network Security In the name of god.

Figure 16.9 Public-Key Cryptography

Page 50: By: Nasoor Bagheri (na_bagheri@yahoo.com) Network Security In the name of god.

Public Key Encryption - Operation• One key made public

—Used for encryption

• Other kept private—Used for decryption

• Infeasible to determine decryption key given encryption key and algorithm

• Either key can be used for encryption, the other for decryption

Page 51: By: Nasoor Bagheri (na_bagheri@yahoo.com) Network Security In the name of god.

Digital Signature• Sender encrypts message with their

private key• Receiver can decrypt using senders public

key• This authenticates sender, who is only

person who has the matching key• Does not give privacy of data

—Decrypt key is public

Page 52: By: Nasoor Bagheri (na_bagheri@yahoo.com) Network Security In the name of god.

Signatures• Handwritten signatures can verify that a

document is—Authentic

• The signature is mine and has not been altered

—Unforgettable• Proves that I signed the document

—Non-repudiation • I cannot deny that I signed the document

Page 53: By: Nasoor Bagheri (na_bagheri@yahoo.com) Network Security In the name of god.

Digital Signatures• Public key systems can also be used to

provide message authentication:—The sender’s secret key can be used to

encrypt a message, thereby signing it—This creates a digital signature of a message,

which the recipient (or anyone else) can check by using the sender's public key to decrypt it.

—This proves that the sender was the true originator of the message, and that the message has not been subsequently altered by anyone else

Page 54: By: Nasoor Bagheri (na_bagheri@yahoo.com) Network Security In the name of god.

Digital Properties• The properties of digital documents are

different from paper documents—We need to be able to bind a signature to the

entire sequence of bits that make up the document

—How do I prevent someone from revealing their private key and then claiming they never signed something?

Page 55: By: Nasoor Bagheri (na_bagheri@yahoo.com) Network Security In the name of god.

Last Slide

Thank you

?