1 / 13

Network Security – Part 2 (Continued) Lecture Notes for May 8, 2006

Network Security – Part 2 (Continued) Lecture Notes for May 8, 2006. V.T. Raja, Ph.D., Oregon State University. BA483: Network Security Lecture Notes for May 8, 2006. Authentication Authentication Protocol ( ap ) ap 1.0, 2.0, 3.0, 3.1, 4.0, 5.0 Exchanging Public Keys

minowa
Download Presentation

Network Security – Part 2 (Continued) Lecture Notes for May 8, 2006

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Network Security – Part 2 (Continued)Lecture Notes for May 8, 2006 V.T. Raja, Ph.D., Oregon State University

  2. BA483: Network SecurityLecture Notes for May 8, 2006 • Authentication • Authentication Protocol (ap) • ap 1.0, 2.0, 3.0, 3.1, 4.0, 5.0 • Exchanging Public Keys • Man (Woman) in the middle-attack

  3. Authentication • ap 1.0 • Alice announces to Bob, “I am Alice.” • Trudy could have sent this message. • ap 2.0 • Alice announces to Bob, “I am Alice”, and asks Bob to authenticate her by matching source IP (in IP header) with Alice’s IP. • Trudy could have sent this message if she had done IP spoofing.

  4. Authentication • ap 3.0 • Alice announces to Bob, “I am Alice”, and asks Bob to authenticate her by verifying her plaintext password. • Trudy may have already eavesdropped earlier, and have stolen Alice’s plaintext password during an earlier conversation between Alice and Bob. Now, Trudy could send the message, “I am Alice” by using Alice’s plaintext password. • ap 3.1 • Alice announces to Bob, “I am Alice”, and asks Bob to authenticate her by verifying her encrypted password, which is kept the same for different communication sessions between Bob and Alice. • Same disadvantage mentioned in ap 3.0 still exists. Note that Trudy need not decrypt the password. She could still eavesdrop, steal encrypted password, and then perform a “playback attack” on Bob.

  5. Authentication • ap 4.0 • Alice announces to Bob, “I am Alice.” • Bob sends a plaintext nonce (= r) to Alice. • Note that nonce is a one time value that is specific to that communication session. It is not repeated again in another session. So “playback attack” is not possible. • Alice resends same nonce back to Bob but this time nonce is encrypted with symmetric key used by Alice and Bob. • Bob decrypts nonce using symmetric key. If decrypted nonce equals the nonce he sent Alice earlier (i.e. decrypted nonce = r) , then Alice is authenticated. • However, this implies that Alice and Bob must have decided upon and exchanged their symmetric key.

  6. Authentication • ap 5.0 • Alice announces to Bob, “I am Alice.” • Bob sends a plaintext nonce (= r) to Alice. • Since nonce is a one-time value, “playback attack” is not possible. • Alice resends same nonce back to Bob but this time nonce is encrypted with Alice’s private key. • Bob decrypts nonce using Alice’s public key. If decrypted nonce equals the nonce he sent Alice earlier (i.e. decrypted nonce = r) , then Alice is authenticated.

  7. Exchanging Public Keys • Why should public key be publicly available? • Wouldn’t it be better for Alice and Bob to exchange their respective public keys via e-mail, after authenticating each other? • Due to possibility of “man (woman) in the middle attack.”

  8. Alice transmits, “I am Alice.” Trudy (alias Eve) eavesdrops. Bob sends a nonce = r. Trudy intercepts nonce, and sends Bob encrypted nonce (encrypted using her private key). Bob sends a message to Alice asking her for a public key. Trudy intercepts message, and sends Bob Trudy’s public key. Bob decrypts nonce with Trudy’s public key (thinking that he is using Alice’s public key), and inadvertently authenticates Trudy. While Bob is encrypting new data using Trudy’s public key, Trudy is busy posing as Bob to Alice. In particular, Trudy transmits Bob’s nonce to Alice Alice transmits encrypted nonce (encrypted using Alice’s private key). Trudy intercepts encrypted nonce, and asks Alice for her public key. Alice sends her public key Man (Woman) in the Middle Attack

  9. Man (Woman) in the Middle Attack • Bob sends encrypted data (encrypted using Trudy’s public key) • Trudy decrypts using her private key, and finds out Bob’s plain text. • Trudy encrypts Bob’s plain text using Alice’s public key. • Trudy transmits encrypted text to Alice. • Alice decrypts using her private key, and finds out Bob’s plain text. • Alice and Bob are happy that they have had a secure communication. They are ignorant of the fact that Trudy has intercepted and decrypted Bob’s message to Alice.

  10. Public Key Certification • PK cryptography – possible for two entities to exchange secret messages without having to exchange secret keys. • Communicating entities have to exchange public keys (without being subject to “man in the middle attack”). • Binding a public key to a particular entity is typically done by a Certification Authority (CA).

  11. Certification Authority • A CA verifies that an entity is who it claims to be. • After verification, CA creates a certificate that binds the public key of the entity to the identity. • Certificate • includes a public key • includes globally unique identifying information about owner of the public key • Is digitally signed by CA (Internet Explorer – Tools, Internet Options, Content, Certificates)

  12. Digital Signatures and Message Digests • Assume Bob wants to digitally sign a “document,” m. • Bob’s digital signature could be KB- (m) • Due to complexity of RSA, digital signatures are applied to “fingerprints” instead of being applied to message m. • Fingerprint – H(m) – where H denotes a “hash algorithm” • Bob’s digital signature is KB- (H(m))

  13. Message Digests • Message Digest (Hash) algorithms: • MD5; SHA-1; SHA-224;-256;-384;-512 • Secure Hash Algorithm is a U.S. federal standard • Required for use whenever a secure message digest algorithm is required for federal applications • Produces a 160-bit message digest. • Longer the output length, the more secure SHA-1 • SHA-224, SHA-256, SHA-384, and SHA-512, which despite the similarity of names, are actually fairly different algorithms to SHA-1 and have much wider safety margins.

More Related