Information Security Fundamentals Major Information Security Problems and Solutions Department of...

Information Security Fundamentals

Information Security FundamentalsMajor Information Security Problems and Solutions

Department of Computer ScienceSouthern Illinois University Edwardsville

Fall, 2013

Dr. Hiroshi FujinokiE-mail: [email protected]

Information_Security/001



• Software programs are running two physically separated host computers

Network

Program A Program B

Assumptions throughout this discussions

ClientServer

Two assumptions

Unreliable message transmissions

Possible hijack of network resources




• Software programs communicate through insecure public networks

Network

Program A Program B

Unreliable message transmissions

(a) Messages you transmit may not reach a destination.

(b) Messages you transmit may be duplicated.(c) Messages you transmit may reach a destination out of order.






• Routers store your messages in them, and they forward.

• Someone else can access (read) contents in your message.

Network

Program A Program B

Someone hasillegal accessto this router

Router





Network

Program A Program B


• Routers store your messages in them, and they forward.

• Someone else can modify the contents in your message.



Major Known Information Security Problems

Release of message contents

Modification of message contents

Masquerading the identity of information sender and receiver

Repudiation of message transmission and/or receiving

Denial of services

Traffic analysis

Message-replays



Major Known Information Security Problems and Their Solutions

Release of message contents

Modification of message contents

Masquerading the identity of information sender and receiver

Cryptography

Message Digest

Digital Signature



A

Originalinformation

A’

Encryptedinformation

f

Encryption

mathematicalfunction

=

E.g., ‘A’(ASCII ‘A’)

E.g., +

E.g., ‘B’(ASCII ‘B’)

1 Encryptionkey

A’

E.g., -

1 Encryptionkey

A

Originalinformation

Sender

ReceiverInternet

Public Network(Internet)

f ’

Decryption

Cryptography

This type of cryptography iscalled “symmetric cryptography”



Cryptography (to prevent release of message contents)

Three important issues in cryptography:

(1) Encryption must be hard to break (time, computer resources)

(2) Encryption key must be safely transferred over a network

(3) Encryption must be scalable in the number of users you deal with

A solution that satisfies all the above requirements

“Asymmetric-Key Cryptography”

Different keys can be used for encryption and decryption.

The two big problems ofsymmetric cryptography




Network

S R

S

P

• Encryption keys are always made as a pair of two keys

• One of the two keys is called “secret (private) key” while the other is is called “open (public) key”.

• You must keep your private key always secret (= never transfer it to anywhere)

• You can give your public key to any people you would like to securely communicate

P

(anyone should be able to get the public key)




Network

S R

S

P

Two most important properties in asymmetric-key cryptography:

(1) If a message is encrypted by a public key, the encrypted message can be decrypted only by its private key.

(2) If a message is encrypted by a private key, the encrypted message can be decrypted only by its public key.

P

Plain Message

X P

Plain Message

Plain Message




Network

S R

S

P

Two most important properties in asymmetric-key cryptography:

(1) If a message is encrypted by a public key, the encrypted message can be decrypted only by its pair secret key.

(2) If a message is encrypted by a secret key, the encrypted message can be decrypted only by its pair public key.

P

X P

Plain MessagePlain Message

Plain Message




Three important issues in cryptography:

(1) Encryption must be hard to break (time, computer resources)

(2) Encryption key must be safely transferred over a network

(3) Encryption must be scalable in the number of users you deal with

Solved !!



Message digests (to prevent modification of message contents)

Network

S R

Message

(2) Attach the digest to the message

(1) Calculate a message digest

H e l l o W o r l d !72 101108108111 32 87 111 114108100 33ASCII Code:

(8 mod (total)) = 193

193

This methods has two problems!

Message

193

Message

193



Network

S R


Message

193

How can we prevent this problem?

249



Network

S R

Message


193

S

P

(2) Encrypt the digest using the private key


(3) Attach the encrypted digest to the message

(4) The whole message is transferred

(5) R downloads the public key of S

(6) R decrypts the digest from S

(7) R calculates the digest on its own and compares it with the digest from S

P

Message

193




Network

S R

Message

(2) Attach the digest to the message


H e l l o W o r l d !72 101108108111 32 87 111 114108100 33ASCII Code:

(8 mod (total)) = 193

193

If we have 8 bits for a digest, what is theprobability of the digest accidentally match?

It’s 1/256!

CertificateAuthority

Merchant’shost (server)

Client’shost (browser)

CA creates a certificate for this merchant

S1

P1

Digital Certificate

S2

P2P2

HASH

CA encrypts this certificate using its PRIVATE key

Encrypt

CA issues (transmits) this certificates to the merchant

The merchant sends its certificate to you

HASH

Compare

P2

P1

Decrypt

(hash) digestof the server’scertificate

A client contacts this merchant for business

Digital signatureof this certificate

Extracted DigitalSignature of the CA

Re-Constructed DigitalSignature of the CA

Initiate the hybridencryption with

this server

Request for issuing a certificate for this merchant (must pay $$$)

P2P2P2



Digital Certificate

Certificate: Data: Version: 3 (0x2) Serial Number: 7 (0x7) Signature Algorithm: md5WithRSAEncryption Issuer: C=JP, ST=Aichi-Ken, L=Nagoya, O=NIT, OU=TEST depth, CN=ailab second cert/[email protected] Validity Not Before: Sep 22 05:31:34 1998 GMT Not After : Sep 22 05:31:34 1999 GMT Subject: C=JP, ST=Aichi-Ken, O=nitech.ac.jp, OU=ailab, CN=test7.second/Email=7.second@mars Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public Key: (512 bit) Modulus (512 bit): 00:bd:06:2b:bc:35:55:0b:d7:c4:d6:09:a5:b7:5c: 57:2a:0a:e5:7d:8c:2e:ed:8f:df:c3:ca:37:63:bb: ae:b1:ac:94:54:40:da:7b:71:16:ff:e7:68:5e:00: 49:54:43:70:b7:a1:35:0a:e3:53:4d:4c:86:d2:90: e8:18:39:55:2b Exponent: 65537 (0x10001) X509v3 extensions: Netscape CA Revocation URL: .#http://www.cryptsoft.com/ca-crl.pem Netscape Comment: ..This is a comment Netscape Cert Type: ...@ Signature Algorithm: md5WithRSAEncryption e7:04:71:f0:9a:d5:da:5e:50:c5:13:20:97:8c:ff:69:fa:18: 2a:9d:b8:75:22:d7:f4:d5:87:4a:7c:c4:3a:7f:b7:72:0f:a3: f3:f4:82:60:8e:e0:f8:10:36:9f:d9:a8:c3:b2:83:50:3d:dd: 5c:b8:29:b7:79:49:03:13:6d:83

Declare the beginning of a certificate

ITU-T X.509 Version 3 certificate format

Unique Certificate Serial #

Which hash and encryption are used for the signature

Name of the CA who issued this certificate

Name of the server this certificate is issued to

This is the public-key information for the server!

This is the digital signature signedby this CA (not by this server)

Encryption algorithm you need to usewhen you talk to this server

CS 548 Network Security




Client’shost (browser)

S1

P1

S2

P2

CA issues (transmits) this certificates to the merchant

P1

Request for issuing a certificate for this merchant (must pay $$$)

P2P2P2

How can you be sure thatthis CA is a legitimate CA?

When (or how) did you getthe public-key of this CA?

If you are going to getthe public-key throughthe network, how you

are sure this key is fromthe CA?

Digital Certificate





S2

P2

Certificate forthis CA Request for the certificate issued

to this CA

This CA sends its certificate to this merchant

P2P2P2

This is the certificatefor this merchant

HASH

CompareDecrypt



P

We need the publickey for this decryption

S

P

You can (should) not getthe public-key from this CA

Digital Certificate





S1

P1

S2

P2

Request for the certificate issued

to this CA

This CA sends its certificate to this merchant

P2P2P2

This is the certificatefor this merchant

HASH

CompareDecrypt



AnotherCertificateAuthority

S3

P3

P3

P3

How can this merchantbe sure that P3 is from Y?

X

Y




CA X requests Y to issue a certificate for X!

Certificate forthis CA

Digital Certificate



CertificateAuthorityCertificateAuthorityCertificateAuthority

R



Root CA

The CA who does not have the parent CA

Digital Certificate

(a) Your browser must have the pre-installed certificate of the root CA

(b) If your browser does not have the certificate of the root CA, you must make your own decision of you accept (trust) the certificate of not

S3

P3

S3S3S3

P3P3

P3P3

P4P4P4

P4P4P4

P5P5P5

P5P5P5

S6

P6

S6S6S6

P6P6P6

P6P6P6

P6P6P6

P3P3

X


Y


Z

S5

P5

S5S5

P5P5P5

S4

P4

S4S4

P4P4P4





Repudiation of message transmission of receiving

Network

S R

Message

S transmitsa message to R

R received thismessage from S

Non-Repudiation

(a) S can not deny that it transmitted this message to R.

(b) R can not deny that it received this message from S.



Repudiation of message transmission of receiving

Network

S R

Message

I did not transmitthis message to S

I did not receivethis message from S

Non-Repudiation

(a) S can not deny that it transmitted this message to R.

(b) R can not deny that it received this message from S.

This situation is NOT repudiation

(because message transfer did not occur)



How to prevent repudiation?

Homework: Develop an algorithm that prevents the two types of repudiations

• Use the information security solutions we discussed so far

• We still assume an insecure network environment

(especially message losses and message duplications)

Hints:

• Like digital certificate, combine multiple security solutions

• It should be “algorithm” (which contains “if – else” structures)

Information Security Fundamentals Major Information Security Problems and Solutions Department of...

Documents

Transcript of Information Security Fundamentals Major Information Security Problems and Solutions Department of...