Chapter 14 Network Encryption. Communications Security Physical protection works for local networks...
-
Upload
noah-marsh -
Category
Documents
-
view
217 -
download
0
Transcript of Chapter 14 Network Encryption. Communications Security Physical protection works for local networks...
Chapter 14Network
Encryption
Communications Security
• Physical protection works for local networks– Impractical for long-distance communications
• Types of attacks– Passive – eavesdropping or sniffing– Active – maliciously create or modify data
• Crypto techniques protect data when outside our physical control– Confidentiality, Integrity– Authenticity, Nonrepudiation
Crypto by Layers
Applying Crypto Layers
• We get different results when we apply crypto at different layers– Different key distribution requirements– Data protected in different places and ways
• Transparency – does crypto interfere?– Network transparency: can the network still
carry our traffic with the crypto applied?– Application transparency: is crypto applied
without affecting the application?
Layer 2: Link Encryption
Layer 3: Network Encryption
Layer 4: Transport Encryption
Layer 7: Application Encryption
Administrative and Policy Issues
• Scope of sniffing protection• Traffic filtering – does the crypto interfere?• Automatic encryption – must we rely on the end
user to enable crypto for sensitive data?• Access to Internet sites – full, automatic
encryption makes Internet access impossible• End-to-end crypto – do we need to associate
crypto operations with end users?• Keying – do end users need to manage keys?
We will review all of these at the end
Crypto Keys on the Network
• The key management problem– Ensure that the right people have keys– Prevent attackers from uncovering keys
• Key distribution objectives– Ensure that keys are changed periodically– Change keys when access rights change
• The default keying risk: keys installed by vendor– Default keys work “out of the box”– Attackers also have copies of the default keys
Key Distribution Strategies
• One big cryptonet – share the same secret key with everyone who must communicate safely
• Groups of cryptonets – share the same key among smaller communities of users
• Pairwise key sharing – one per endpoint pair• Key distribution center – a shared server that
distributes working keys to approved users• Public key distribution – use public key
techniques to distribute keys
Key Distribution Techniques
• Manual keying– Distribute all keys ‘by hand’ in person or via
trustworthy couriers – often a starting point• Simple rekeying
– Unreliable tricks to replace an existing key• Secret-key techniques
– Wrapping, KDCs, hashing• Public-key techniques
– Diffie-Hellman, RSA
Simple Rekeying: Weak
• Self-rekeying– Use a PRNG to transform the current key into
a new one– Separate endpoints can apply the same
PRNG to yield the same key• New keys encrypted with old
– Generate a new, random key– Use previous key to encrypt it for distribution
• Both techniques may leak all traffic if old keys are disclosed
Stronger Secret Key Building Blocks
• Key Wrapping– Use wrapping technique from Chapter 8 to
protect keys carried in network messages– Traffic encrypting Key (TEK) wrapped by KEK
• Key Distribution Center (KDC)– The center distributes wrapped keys– Authorized users share a secret with the KDC
• Shared Secret Hashing– Generate a new key using a one-way hash
Key Wrapping
Key Distribution Center
Shared Secret Hashing
Public Key Building Blocks
• Anonymous Diffie-Hellman secret sharing– D-H inherently constructs a shared secret– We can use it to construct a temporary shared
secret for any two endpoints• RSA key wrapping (encapsulation)
– One endpoint (the client) creates a secret key shared with the other endpoint (the server)
– Only the server needs a public key pair– Client needs a copy of the server’s public key
Anonymous Diffie-Hellman
RSA Key Wrapping
Trade-Off: Public and Secret Keys
Secret Key• Limited resources• Clearly defined user
community• Revocation must be
timely and reliable• Small user community• Trustworthy servers
are available
Public Key• User community can’t
be identified ahead of time
• Large community, and
• Untrustworthy server computer
• Inefficient revocation is an acceptable risk
Application Layer Encryption
Email key wrapping and encryption
• [Insert figure 14.16]
Transport Layer Security: SSL/TLS
• Secure Sockets Layer (SSL)– Developed by Netscape in 1994– Part of commercial client/server Web package– First really successful public-key application
• Inherited by the IETF– Now called Transport Layer Security (TLS)
• Three-part protocol– Handshake protocol – key exchange– Record protocol – data exchange– Alert protocol – errors and session shutdown
SSL Handshake Protocol
SSL Key Construction
SSL Record Transmission
Network Layer Encryption
• Provides both application transparency and network transparency
• Primary use: Virtual Private Networks (VPNs)– Network carries plaintext inside a site– VPN gateway encrypts data between sites
• “proxy encryption”– Remote users use VPN crypto to access site
• IPsec – IP Security Protocol– Used for Internet VPNs
Example VPN
Encryption by an IPsec Gateway
IPsec Encrypted Packet
Internet Key Exchange (IKE) Protocol
Wireless LAN Encryption
• Wireless Equivalent Privacy (WEP)– Introduced with early Wi-Fi products– Used RC4 and 40-bit keys– Later increased to 128-bit keys (WEP 2)– Successful attacks in early 2000s
• Wireless Protected Access (WPA, WPA2)– First WPA designed to work with existing Wi-
Fi hardware (still used RC4)– WPA2 uses AES, improved integrity
protection, and improved key exchange
WPA2 Crypto Format
Crypto Policy: Sniffing
Crypto Policy: Automatic Encryption
Crypto Policy: Others
End of Chapter 14