
Distributed System Security

4/22/04 CPSC 550 Brian Williams. Distributed System Security. Distributed System Security: Goals. Complete Protection Against All Possible Attacks Attacks: Leakage Attacker intercepts message he/she is unauthorized to access Tampering



  1. 4/22/04 CPSC 550 Brian Williams Distributed System Security

  2. Distributed System Security: Goals • Complete Protection Against All Possible Attacks • Attacks: • Leakage • Attacker intercepts message he/she is unauthorized to access • Tampering • Attacker intercepts and alters a network message, giving benefit to the attacker • Vandalism • Attacker intercepts and alters a network message, but without benefit to the attacker

  3. Distributed System Security: Goals • System Security reduces to data encryption • [Diagram labels: Computer 1, Computer 2, Encryption, Attacker]

  4. Distributed System Security: Definitions • Public Key – Encryption key that is well-known and/or not hidden from third parties • Private Key – Encryption key that is known only by the message sender and/or receiver • Public Key Encryption – An encryption scheme that makes use of a public key • Secret Key Encryption – An encryption scheme that employs only private keys

  5. Distributed System Security: Definitions • One Way Function – A one-to-one mathematical function that is easily computable, but whose inverse is very difficult to compute • Secure Digest Function – A function that takes an argument M, and returns a fixed length “digest” V, such that V1 is probably much different than V2, for distinct M1, M2.

  6. Distributed System Security: Naming Conventions • Alice – First participant in network communication • Bob – Second participant in network communication • Carol – Third participant (when applicable) • Dave – Fourth participant (when applicable) • Eve – Eavesdropper • Mallory – Malicious Attacker • Sara – A Server

  7. Distributed System Security: Structure • Always prepare for worst-case scenarios • We Assume • Our System Interfaces are exposed • Attacker can send message to any address on the network • Our Network is insecure • Attacker can spoof the address of any message he/she sends with any address value • Our algorithms and their source code are available to the attackers • Attackers have the best computing equipment made during the lifetime of our system

  8. Distributed System Security: Structure (2) • Private Key Encryption • Alice & Bob share knowledge of a secret key K • Alice encrypts her message M, with E(M,K) • Bob decrypts Alice's message by D(E(M,K)) = M • Public Key Encryption • Bob creates two keys, Kd and Ke • Bob sends Alice Ke • Alice encrypts her message with E(M,Ke) • Bob decrypts the message with D(E(M,Ke),Kd) = M • Mallory cannot find Kd, even though she knows Ke

  9. Distributed System Security: History • Encryption algorithms date back as far as the Ancient Greeks • Military commanders needed to hide their plans from the enemy • National Bureau of Standards calls for official encryption algorithm in 1973 • Adopts “Lucifer” algorithm in 1976 • Now known as Data Encryption Standard (DES) • National Security Agency restricts key sizes to 56 bits

  10. Distributed System Security: History • Researchers at Stanford announce Diffie-Hellman-Merkle algorithm in 1976 • Allows for secret key exchange over an insecure channel • Ronald Rivest, Adi Shamir and Leonard Adleman announce RSA algorithm in 1997 • First public key encryption algorithm

  11. Distributed System Security: Diffie-Hellman-Merkle Algorithm • Alice and Bob generate separate and secret keys Ka and Kb • Alice generates another number g, and sends it to Bob • Alice computes g^Ka (mod n) and sends it to Bob, while Bob computes g^Kb (mod n) and sends it to Alice • Alice computes (g^Kb)^Ka (mod n) and Bob computes (g^Ka)^Kb (mod n)
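The exchange on slide 11, as an added example that is not part of the original presentation. It also shows why the exchange needs the authentication discussed on slides 13 to 15: when the public values are replaced in transit, Alice and Bob each end up sharing a key with Mallory instead of with each other. The modulus, base, function names and the range check on received values are assumptions chosen for illustration.

```python
import secrets

# Toy public parameters (constructed for illustration; far too small for real use).
N = 4294967291   # prime modulus n, the largest prime below 2**32
G = 5            # public base g, known to everyone including Mallory


def keypair(n=N, g=G):
    """Return (secret exponent K, public value g^K mod n)."""
    k = secrets.randbelow(n - 3) + 2          # 2 <= K <= n-2
    return k, pow(g, k, n)


def shared(their_public, my_secret, n=N):
    """Combine the peer's public value with our secret: (g^Kb)^Ka mod n."""
    if not 1 < their_public < n - 1:          # refuse degenerate values 0, 1, n-1
        raise ValueError("invalid public value")
    return pow(their_public, my_secret, n)


def honest_exchange():
    """Both sides receive each other's real public value."""
    ka, pub_a = keypair()
    kb, pub_b = keypair()
    return shared(pub_b, ka), shared(pub_a, kb)


def substituted_exchange():
    """Slide 13, item 3: both public values are replaced by Mallory's in transit."""
    ka, pub_a = keypair()
    kb, pub_b = keypair()
    km, pub_m = keypair()
    alice_key = shared(pub_m, ka)             # Alice believes pub_m came from Bob
    bob_key = shared(pub_m, kb)               # Bob believes pub_m came from Alice
    mallory_with_alice = shared(pub_a, km)
    mallory_with_bob = shared(pub_b, km)
    return alice_key, bob_key, mallory_with_alice, mallory_with_bob


if __name__ == "__main__":
    a, b = honest_exchange()
    print("honest exchange agrees:", a == b)
    ak, bk, ma, mb = substituted_exchange()
    print("Alice and Bob agree after substitution:", ak == bk)
    print("Mallory holds both keys:", ak == ma and bk == mb)
```

Nothing in the arithmetic tells Alice whose public value she received, which is why the first unencrypted messages must be authenticated.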

  12. Distributed System Security: RSA Algorithm • Alice finds two large prime numbers p, q • Alice computes n=p*q and f=(p-1)*(q-1) • Alice picks a random number e, between 1 and f-1 such that e is relatively prime to f • Alice computes d, where e*d = 1 (mod n) • Alice sends e and n to Bob • Bob encrypts his message as E=M^e (mod n) • Alice decrypts his message with D = E^d (mod n)

  13. Distributed System Security: Remaining Vulnerabilities • Remaining System Vulnerabilities • 1) Mallory can still send messages to Bob, spoofed with Alice's address • 2) Mallory can copy messages that Alice sent, and replay them to Bob at a later time • 3) Mallory can intercept the messages containing the initial key exchange and replace Alice's messages with her own

  14. Distributed System Security: Vulnerability Solutions • Attack 1: Spoofed messages • Bob attaches a checksum to the end of all his messages before encrypting them • Attack 2: Message Replay • Bob attaches a timestamp to each of his messages • Attack 3: Man-in-the-Middle • Bob and Alice must be able to authenticate each other's first unencrypted messages
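A receiver-side check for attacks 1 and 2 from slide 14, as an added example that is not part of the original presentation. It swaps the slide's "checksum, then encrypt" for a keyed digest (HMAC-SHA256) over sender, timestamp and body, and adds a cache of recently seen tags so that a copy replayed inside the freshness window is also refused. The field names, the 30-second window and the shared key are assumptions.

```python
import hashlib
import hmac
import json

MAX_SKEW = 30  # seconds a message counts as fresh (assumed policy value)


def seal(key: bytes, sender: str, body: str, now: float) -> dict:
    """Sender side: attach a timestamp and a keyed digest over all fields."""
    msg = {"from": sender, "ts": now, "body": body}
    payload = json.dumps(msg, sort_keys=True).encode()
    msg["tag"] = hmac.new(key, payload, hashlib.sha256).hexdigest()
    return msg


class Receiver:
    def __init__(self, key: bytes):
        self.key = key
        self.seen = {}  # tag -> timestamp of messages still inside the window

    def accept(self, msg: dict, now: float) -> str:
        fields = {k: msg.get(k) for k in ("from", "ts", "body")}
        payload = json.dumps(fields, sort_keys=True).encode()
        expected = hmac.new(self.key, payload, hashlib.sha256).hexdigest()
        # Attack 1: a spoofed or altered message cannot carry a valid tag.
        if not hmac.compare_digest(expected, str(msg.get("tag", ""))):
            return "reject: bad tag"
        # Attack 2: an old copy fails the freshness check...
        if abs(now - fields["ts"]) > MAX_SKEW:
            return "reject: stale"
        # ...and a quick copy is caught by the cache of recent tags.
        self.seen = {t: ts for t, ts in self.seen.items()
                     if now - ts <= MAX_SKEW}
        if msg["tag"] in self.seen:
            return "reject: replay"
        self.seen[msg["tag"]] = fields["ts"]
        return "accept"


if __name__ == "__main__":
    key = b"constructed-demo-key-32-bytes!!!"   # constructed sample key
    rx = Receiver(key)
    m = seal(key, "alice", "transfer 10", now=1000.0)
    print(rx.accept(m, now=1001.0))                              # first delivery
    print(rx.accept(m, now=1002.0))                              # same bytes again
    print(rx.accept(dict(m, body="transfer 9999"), now=1003.0))  # altered body
    print(Receiver(key).accept(m, now=2000.0))                   # delivered late
```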

  15. Distributed System Security: Man-in-the-Middle Attack • Digital Signature • Bob encrypts his message with his private key • Alice et al. can decrypt the message with Bob's public key • Only Bob has the private key needed to encrypt the message, so the message must have been from Bob • Digital Certificate • Trusted Authority distributes public keys, which they have digitally signed
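The RSA steps from slide 12 and the digital signature from slide 15 in one added example, which is not part of the original presentation. The private exponent d is computed as the inverse of e modulo f = (p-1)*(q-1), which is the relation that makes decryption return M. The primes, the choice of e, the function names and signing a SHA-256 digest instead of the whole message are assumptions; this is textbook RSA without padding, for illustration only.

```python
import hashlib
from math import gcd

# Constructed toy key material: two Mersenne primes, far too small for real use.
P, Q, E = 2**31 - 1, 2**61 - 1, 65537


def make_keys(p: int, q: int, e: int):
    """Slide 12 key generation; returns (public, private) = ((e, n), (d, n))."""
    n, f = p * q, (p - 1) * (q - 1)
    if not (1 < e < f and gcd(e, f) == 1):
        raise ValueError("e must be relatively prime to f")
    d = pow(e, -1, f)               # e*d = 1 (mod f); needs Python 3.8+
    return (e, n), (d, n)


def encrypt(m: int, public) -> int:
    e, n = public
    if not 0 <= m < n:
        raise ValueError("message must be smaller than n")
    return pow(m, e, n)             # E = M^e (mod n)


def decrypt(c: int, private) -> int:
    d, n = private
    return pow(c, d, n)             # D = E^d (mod n)


def digest(message: bytes, n: int) -> int:
    """Secure digest of the message, reduced into the range of the modulus."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def sign(message: bytes, private) -> int:
    """Slide 15: apply the private key, here to the digest of the message."""
    d, n = private
    return pow(digest(message, n), d, n)


def verify(message: bytes, signature: int, public) -> bool:
    """Anyone holding the public key can check the signature."""
    e, n = public
    return pow(signature, e, n) == digest(message, n)


if __name__ == "__main__":
    public, private = make_keys(P, Q, E)
    c = encrypt(123456789, public)
    print("round trip ok:", decrypt(c, private) == 123456789)
    sig = sign(b"key exchange value from Bob", private)
    print("genuine:", verify(b"key exchange value from Bob", sig, public))
    print("altered:", verify(b"key exchange value from Mallory", sig, public))
```

The signature check only proves possession of the private key; binding that key to Bob is the job of the digital certificate on slide 15.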

  16. Distributed System Security: Features • Security • System trust is reduced to • Trust in Trusted Authority • Encryption Algorithm • Passwords don't need to be transmitted • Verify identity through “challenges” • Hybrid Methods • Speed of Secret Key with convenience of Public Key

  17. Distributed System Security: Applications • PGP • “Pretty Good Privacy” • Freeware file and e-mail encryption program • 128-bit RSA Public Key Encryption & 128-bit MD5 digest function • Secure Sockets Layer (SSL) • Operating system and encryption algorithm independent network protocol layer

  18. Distributed System Security: Significant Points • Today's Systems are strong • Virtually unbounded levels of encryption through increased key size • New encryption methods based on the properties of elliptic curves are faster and stronger for a given key size • Trusted authorities and digital signatures ensure identity of data sources

  19. Distributed System Security: Significant Points • Weakest Security Link Today: the User • Ignorance of Security Issues • Complacency towards Security • Focus must be on education of end users • Users must understand their role in security • Users must not become complacent towards security issues

  20. Distributed System Security: References • George Coulouris, Jean Dollimore, Tim Kindberg. Distributed Systems: Concepts and Design. 2001 • Rita C. Summers. Secure Computing. 1997 • Simon Singh. The Code Book. 1999 • Alan O. Freier, Philip Karlton, Paul C. Kocher. The SSL Protocol Version 3.0. 1996. http://wp.netscape.com/eng/ssl3/draft302.txt • Ian Blake, Gadiel Seroussi, Nigel Smart. Elliptic Curves in Cryptography. 1999
