Security

Presentation Transcript


  1. Security

  2. Reported Security Incidents 1995 – 2003 • Source: http://www.cert.org/present/cert-overview-trends/module-1.pdf

  3. Imperative Need for Secure Communication • Cost of downtime

  4. Secure Communication • Characteristics of a secure communication • Confidentiality • Authentication • Message Integrity and non-repudiation • Availability and Access Control

  5. Confidentiality • The communicator wants the following to be confidential: • The fact that the communication is occurring • Timing of communication • Frequency of communication • Confidentiality often relies on cryptographic techniques that encrypt and decrypt data using one or more keys

  6. Authentication • Both sender and receiver should be able to confirm identity of other party involved in communication • Confirm that the other party is indeed who/what they claim to be • Authentication relies on authentication techniques, several of which rely on cryptographic techniques

  7. Message Integrity and Non-Repudiation • Message integrity • Content of communication is not altered maliciously or by accident • Relies on cryptographic techniques • Non-repudiation • Not denying what was communicated

  8. Availability • Can communication occur in first place? • Hackers preventing infrastructure from being used by legitimate users – e.g., viruses, DoS attacks • Detect breaches and respond to attacks

  9. Access Control • Entities are allowed to gain access to resources only if they have the appropriate access rights (e.g., login ID, passwords, biometric devices) • Facilitated by firewalls, which provide access control on a per-packet basis and on a per-service basis • Firewalls provide a degree of isolation and protection from those outside of one’s network

  10. Cryptography • Symmetric Key Cryptography • Public Key Cryptography

  11. Symmetric Key Cryptography • Symmetric Key Cryptography • Caesar Cipher • Monoalphabetic Cipher • Polyalphabetic Cipher • Data Encryption Standard (DES) • Triple DES (3DES) • Advanced Encryption Standard (AES) • Trusted Intermediaries for symmetric key distribution • Key Distribution Center (KDC) • Kerberos

  12. Basic Terminology • Plain Text • Original data – not disguised • Cipher (Encrypted) Text • Disguised data – looks unintelligible to intruder • Data disguised using encryption algorithm • Key • A string of #s or characters used as input to encryption algorithm to disguise plain text • Symmetric Key: Both parties use same key to encrypt and decrypt text

  13. Symmetric Key Cryptography • Caesar Cipher • Each letter in plaintext is substituted with the letter that is K letters later • Wrap around is allowed (i.e., z is followed by a) • If K = 3, a in plaintext becomes d in cipher text, and b in plaintext becomes e in cipher text • Example: Decrypt the following using a Caesar Cipher with K = 3; assume ‘wrap around’ is allowed: “L JP J JHHN”

  14. Symmetric Key Cryptography • Data Encryption Standard (DES) • Published in 1977, and updated in 1993 • For commercial and non-classified U.S. Govt. use • Encodes plaintext using 56-bit key • Objective: Scramble data and key so that every bit of the cipher text depends on every bit of the data and every bit of the key • Algorithm: Complex (beyond the scope of the course); Decryption works by reversing the algorithm’s operations.

  15. How well does DES work? • DES challenge contest • Launched in 1997 by RSA Data Security Inc., a network security company • Encrypted “strong cryptography makes the world a safer place” using 56-bit DES. • Winning team took 4 months to decode. • Used volunteers throughout the Internet to systematically explore key space. • Claimed $10K cash prize after testing only a quarter of the key space (about 18 quadrillion keys)

  16. How well does DES work? • In 1999, RSA launched another DES challenge. • Message was decrypted in a little over 22 hours by a network of volunteers and a special purpose computer called “Deep Crack”. • Claimed $250K cash prize.

  17. Symmetric Key Cryptography • Triple DES (3 DES) • If 56-bit DES is considered to be insecure, one can simply run the algorithm multiple times, using a different key each time • DES run three times (with a different 56-bit key each time DES is run).

  18. Symmetric Key Cryptography • Advanced Encryption Standard (AES) • NIST – in Nov 2001 announced successor to DES. • AES is also a symmetric key algorithm that processes data in 128-bit blocks • AES can operate with 128-bit keys, 192-bit keys, and 256-bit keys

  19. Trusted Intermediaries • Disadvantage of Symmetric Key Cryptography: • The 2 communicating parties have to agree upon their secret key ahead of time in a secure manner. • Since sender and receiver do not meet face to face in the networking world, they need a trusted intermediary • Trusted Intermediaries: • Key Distribution Center • Kerberos

  20. Key Distribution Center (KDC) • A server that shares a different secret symmetric key with each registered user. • KDC knows the secret key of each user, and each user can communicate securely with KDC using this key.

  21. Example: Using KDC • Assume Sender (S) and Recipient (R) use KDC for their communication. • Assume S’s secret key known to S and KDC is KS-KDC • Assume R’s secret key known to R and KDC is KR-KDC.

  22. Example: Using KDC • Using key KS-KDC, S sends a message to KDC saying that S wants to communicate with R. We denote this message as MS-KDC(S, R). • KDC decrypts MS-KDC(S, R) • KDC generates a random number key KSR, which is to be used as symmetric key by S and R during their communication.

  23. Example: Using KDC – cont’d • KDC sends S the key KSR, and a pair of values X and KSR encrypted using R’s key. We denote this message sent back to S by KDC as: • MKDC-S(KSR, MKDC-R(X, KSR)). • S decrypts message and extracts symmetric key KSR. S extracts and forwards MKDC-R(X, KSR) to R • Note that S cannot decrypt MKDC-R(X, KSR) • R decrypts MKDC-R(X, KSR) and uses KSR as symmetric key to converse with S • R and S communicate using symmetric key KSR
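The exchange on slides 21 to 23, traced message by message. This is an added example, not part of the original presentation: `seal`/`unseal` are a constructed toy cipher (SHA-256 keystream plus HMAC tag) standing in for DES/AES, and X is assumed to be the sender's identity, which the slides leave unspecified.

```python
import hashlib, hmac, json, secrets

def _stream(key, nonce, n):
    # Toy keystream: SHA-256 in counter mode (stand-in for DES/AES, assumption).
    out, ctr = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + nonce + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:n]

def seal(key, obj):
    """Encrypt and tag a JSON object under a symmetric key."""
    pt, nonce = json.dumps(obj).encode(), secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(pt, _stream(key, nonce, len(pt))))
    return (nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()).hex()

def unseal(key, blob):
    """Decrypt; raises ValueError if the key is wrong or the blob was altered."""
    raw = bytes.fromhex(blob)
    nonce, ct, tag = raw[:16], raw[16:-32], raw[-32:]
    good = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, good):
        raise ValueError("wrong key or tampered message")
    return json.loads(bytes(a ^ b for a, b in zip(ct, _stream(key, nonce, len(ct)))))

class KDC:
    def __init__(self):
        self.keys = {}                        # user -> key shared with the KDC

    def register(self, user):
        self.keys[user] = secrets.token_bytes(32)
        return self.keys[user]

    def handle(self, sender, m_s_kdc):
        req = unseal(self.keys[sender], m_s_kdc)          # M_S-KDC(S, R)
        k_sr = secrets.token_hex(16)                      # fresh session key K_SR
        # X is assumed here to be the sender's identity (the slides leave it open).
        m_kdc_r = seal(self.keys[req["to"]], {"X": sender, "K_SR": k_sr})
        return seal(self.keys[sender], {"K_SR": k_sr, "M_KDC_R": m_kdc_r})

def run_exchange():
    kdc = KDC()
    k_s, k_r = kdc.register("S"), kdc.register("R")
    reply = unseal(k_s, kdc.handle("S", seal(k_s, {"from": "S", "to": "R"})))
    try:                                      # S holds only K_S-KDC
        unseal(k_s, reply["M_KDC_R"]); s_reads_inner = True
    except ValueError:
        s_reads_inner = False
    at_r = unseal(k_r, reply["M_KDC_R"])      # R opens the part S forwarded
    return reply["K_SR"], at_r["K_SR"], at_r["X"], s_reads_inner
```

`run_exchange()` returns the session key as S and as R see it, the value X that R recovers, and whether S could open the part meant for R.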

  24. Kerberos • Developed by MIT • Very similar to KDC • Has additional functions such as: • Time stamp for validity of “nonce” KSR. • Has information about which users have access privileges to which services on which network servers.

  25. Public Key Cryptography • Overview • Define concept of Public and Private keys • Demonstrate RSA Algorithm • Review Authentication Protocols (ap) • Exchanging Public Keys • Person-in-the-middle attack

  26. Introduction - Public Key Cryptography • Use public key cryptography so that two parties can communicate using encryption/decryption without using a shared secret key. • Key maintenance is difficult • Public key cryptography: • A radically different and marvelously elegant approach towards encryption/decryption • Also used for authentication and digital signatures

  27. Basic Idea of Public Key Cryptography • Each participant has a private key (known only to the participant) and a public key. • Public key is made available to others • Could be posted even on a website which is accessible by the rest of the world. • Public key of recipient is used by sender to encrypt message. • Recipient decrypts message using recipient’s private key.

  28. Public Key Cryptography • Example: • Sender (S) wishes to send a message to Recipient (R) • S fetches R’s public key. • S uses R’s public key to encrypt message • S sends encrypted message to R. • R decrypts cipher text with R’s private key.

  29. RSA Algorithm • Named after its founders, Ron Rivest, Adi Shamir, and Leonard Adleman • Has become almost synonymous with public key cryptography

  30. Using the RSA Algorithm • R’s public key is denoted as KR+ and the private key is denoted as KR-. • These keys are chosen such that: KR- (KR+ (m)) = KR+ (KR- (m)) = m • S will encrypt a plain text message, m, using public key KR+ and send it to R

  31. Using the RSA Algorithm • To encrypt the message, S uses R’s public key and determines the cipher text, c, as: • c = m^e mod n • To decrypt the message, R uses R’s private key and determines the plain text, m, as: • m = c^d mod n

  32. Using the RSA Algorithm • Create R’s Keys • Choose two large prime numbers, p and q. • The larger the values, the more difficult it is to break RSA, and the longer it takes to encode/decode. • It is recommended that the product of p and q be on the order of 1024 bits for corporate use and 768 bits for use with “less valuable information”. • For a discussion on how to find large prime numbers, see http://www.utm.edu/research/primes/prove/. • For example, choose p = 5 and q = 7

  33. Using the RSA Algorithm • Create R’s Keys • Compute n = pq = 35 • Compute z = (p-1)(q-1) = (4)(6) = 24 • Choose a number, e, less than n, which has no common factors (other than 1) with z. • R chooses e = 5 • Find a number, d, such that ed-1 is exactly divisible (that is, with no remainder) by z. • d = 29 • Note (ed-1) = (5 x 29 - 1) = (145 - 1) = 144 • 144 is exactly divisible by z = 24

  34. Using the RSA Algorithm • Create R’s Keys • Recap: p = 5, q = 7, n = 35, z = 24, e = 5, d = 29 • R’s public key is given by • KR+ = (n, e) = (35, 5) • R’s private key is given by • KR- = (n, d) = (35, 29) • Example • Interpret each letter in the English alphabet as a number between 1 and 26. That is, a = 1, b = 2, …, z = 26. • S will send message “love” to R

  35. Using the RSA Algorithm • Encrypt Message using KR+ = (n, e) = (35, 5) • S will send 17 15 22 10 to R

  36. Using the RSA Algorithm • Encrypt Message using KR- = (n, d) = (35, 29)
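The key generation and the “love” example from slides 32 to 36, carried through in code. This is an added example, not part of the original presentation; the function names are illustrative. It goes one step beyond the slides by listing the letters that this toy key leaves unchanged, which shows why letter-by-letter RSA with a small n gives no confidentiality.

```python
from math import gcd

def make_keys(p, q, e):
    """Return ((n, e), (n, d)) following slides 32-34."""
    n, z = p * q, (p - 1) * (q - 1)
    if not (1 < e < n and gcd(e, z) == 1):
        raise ValueError("e must be below n and share no factor with z")
    d = pow(e, -1, z)          # smallest d with (e*d - 1) divisible by z
    while d == e:              # for e = 5, z = 24 that is 5 itself; the slides
        d += z                 # use the next solution, 29
    return (n, e), (n, d)

def to_numbers(word):          # a = 1, b = 2, ..., z = 26
    return [ord(ch) - ord("a") + 1 for ch in word.lower()]

def to_word(numbers):
    return "".join(chr(v + ord("a") - 1) for v in numbers)

def encrypt(public, numbers):
    n, e = public
    if any(not 0 <= m < n for m in numbers):
        raise ValueError("each block must be smaller than n")
    return [pow(m, e, n) for m in numbers]      # c = m^e mod n

def decrypt(private, numbers):
    n, d = private
    return [pow(c, d, n) for c in numbers]      # m = c^d mod n

def unchanged_letters(public):
    """Letters whose ciphertext equals their plaintext under this key."""
    return "".join(ch for ch in "abcdefghijklmnopqrstuvwxyz"
                   if encrypt(public, to_numbers(ch)) == to_numbers(ch))

if __name__ == "__main__":
    pub, priv = make_keys(5, 7, 5)
    c = encrypt(pub, to_numbers("love"))
    print(pub, priv, c, to_word(decrypt(priv, c)), unchanged_letters(pub))
```

Because each letter always maps to the same number, the scheme as used here is a fixed substitution table; real deployments use large moduli and randomized padding.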

  37. RSA and DES/AES • RSA is a complex algorithm and uses concepts from number theory. • DES is at least 100 times faster than RSA. • In practice, RSA is often used in combination with DES or AES. • Message is encrypted using DES key • S encrypts DES key with R’s public key • R decrypts and obtains DES key with R’s private key. • Message is decrypted using DES key

  38. Authentication • ap 4.0 (symmetric) • S announces to R, “I am S” • R sends a plaintext nonce (= n) to S. • Note nonce is a one time value that is specific to that communication session • S resends same nonce back to R but this time nonce is encrypted with symmetric key used by S and R. • R decrypts nonce using symmetric key. If decrypted nonce equals the nonce sent to S earlier (i.e., decrypted nonce = n), then S is authenticated. • However, this implies that S and R must have decided upon and exchanged their symmetric key.

  39. Authentication • ap 5.0 (public/private) • S announces to R, “I am S” • R sends a plaintext nonce (= n) to S • S resends same nonce back to R but this time nonce is encrypted with S’s private key. • R decrypts nonce using S’s public key. If decrypted nonce equals the nonce sent to S earlier (i.e., decrypted nonce = n), then S is authenticated.

  40. Exchanging Public Keys • Why should public key be publicly available? • Wouldn’t it be better for S and R to exchange their respective public keys via e-mail, after authenticating each other? • Possibility of “person in the middle attack.”

  41. Person in the Middle Attack • S transmits, “I am S” • T eavesdrops. • R sends a nonce = n. • T intercepts nonce, and sends R encrypted nonce (encrypted using T’s private key). • R sends a message to S asking for S’s public key. • T intercepts message, and sends T’s public key to R. • R decrypts nonce with T’s public key (thinking that he is using S’s public key), and inadvertently authenticates T. • While R is encrypting new data using T’s public key, T is busy posing as R to S. In particular: • T transmits R’s nonce to S • S transmits encrypted nonce (encrypted using S’s private key). • T intercepts encrypted nonce, and asks S for her public key. • S sends her public key

  42. Person in the Middle Attack – cont’d • R sends encrypted data (encrypted using T’s public key) • T decrypts using her private key, and finds out R’s plain text. • T encrypts R’s plain text using S’s public key. • T transmits encrypted text to S. • S decrypts using her private key, and finds out R’s plain text. • S and R presume that they have had a secure communication. They are ignorant of the fact that T has intercepted and decrypted all messages.
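Why ap 5.0 on slide 39 depends on where R obtains S’s public key, shown with toy RSA numbers. This is an added example, not part of the original presentation: T’s key pair, the fixed nonce and the `directory` lookup (a public key obtained from a trusted source rather than from the peer) are constructed assumptions.

```python
S_PUB, S_PRIV = (35, 5), (35, 29)     # S's toy key pair from slide 34
T_PUB, T_PRIV = (33, 3), (33, 7)      # constructed toy pair for intruder T

def respond(private, nonce):
    """Prover: return the nonce 'encrypted' with the prover's private key."""
    n, d = private
    return pow(nonce, d, n)

def verify(public, nonce, response):
    """Verifier: 'decrypt' with a public key and compare with the nonce sent."""
    n, e = public
    return pow(response, e, n) == nonce

def r_accepts(claimed_id, nonce, response, key_from_peer, directory=None):
    """R's decision in ap 5.0.

    directory=None: R uses whatever public key arrives in the conversation,
    which is the situation on slide 41.
    directory given: R looks the key up by the claimed identity and ignores
    the key supplied by the peer (hypothetical trusted key store).
    """
    if directory is None:
        public = key_from_peer
    else:
        public = directory.get(claimed_id)
        if public is None:
            return False              # unknown identity: do not authenticate
    return verify(public, nonce, response)

def scenarios(nonce=2):
    # Fixed small nonce so the toy run is repeatable; a real nonce is a large
    # random value used once.
    directory = {"S": S_PUB}          # assumption: obtained from a trusted source
    from_t = respond(T_PRIV, nonce)   # T answering while claiming to be S
    from_s = respond(S_PRIV, nonce)   # the genuine S answering
    return {
        "T, key taken from peer": r_accepts("S", nonce, from_t, T_PUB),
        "T, key from directory": r_accepts("S", nonce, from_t, T_PUB, directory),
        "S, key from directory": r_accepts("S", nonce, from_s, S_PUB, directory),
    }

if __name__ == "__main__":
    for case, accepted in scenarios().items():
        print(f"{case}: {'authenticated' if accepted else 'rejected'}")
```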

  43. Availability and Access Control • Examples of common attacks • Firewalls

  44. Examples of some attacks • Denial of Service attacks • Hacker attempts to disrupt the network by flooding the network with messages so that the network cannot process messages from legitimate users • Examples • “Ping” attacks • Smurf attack • SYN flood attack • Distributed Denial of Service attacks

  45. Ping Packets • Packets that ask a computer to respond with an acknowledgement • Used to see if a computer is still operational in a network • Ping by computer name • Ping bus.orst.edu • Ping by IP address • Ping 128.193.76.73

  46. TCP header: Packet #s (Sequence #s) • Assume a file has 500,000 bytes • Assume TCP breaks this file into packets, where each packet size is 1000 bytes • Each packet is given a packet # • The packet # for a packet is the number of the first byte in that packet. • The packet # of first packet would be 1 • The packet # of next packet would be 1001 • The packet # of third packet would be 2002 and so on

  47. TCP: Acknowledgement # • Assume S transmits to R • R acknowledges receipt of S’s message, by specifying an acknowledgment #. • The ACK # sent by R is the packet # of the next packet that R is expecting from S. • Example: • After S sends first packet, R sends an acknowledgment to S by specifying ACK# 1001. • After S sends second packet, R acknowledges by specifying ACK# 2001.

  48. SYN Flood Attack • Nature of attack • Attacker (client) sends a TCP SYN (Synchronize Sequence/Packet Number) request to server. • The server responds by sending a TCP SYN/ACK packet. • The attacker does not respond – resulting in half-open session using up server resources. • The attacker sends a flood of such TCP SYN requests without responding. • Requests from other legitimate clients are unable to reach the server due to multiple half-open sessions
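A defender’s view of the half-open sessions described on slide 48: a small tracker that counts handshakes the server has answered but the client never completed. This is an added example, not part of the original presentation; the packet tuples, addresses (documentation ranges), timeout and per-source limit are constructed assumptions.

```python
from collections import Counter

def half_open_report(packets, timeout=30.0, per_source_limit=5):
    """Summarise half-open TCP sessions seen by a server.

    packets: iterable of (time, src_ip, src_port, flag), where flag is "SYN"
    (connection request) or "ACK" (the client's final handshake packet).
    """
    pending = {}                       # (src_ip, src_port) -> time SYN arrived
    peak, flagged = 0, set()
    for t, ip, port, flag in sorted(packets):
        # Drop entries the server would have timed out by now.
        for key in [k for k, t0 in pending.items() if t - t0 > timeout]:
            del pending[key]
        if flag == "SYN":
            pending[(ip, port)] = t    # server replies SYN/ACK and waits
        elif flag == "ACK":
            pending.pop((ip, port), None)   # handshake completed
        per_source = Counter(k[0] for k in pending)
        flagged |= {s for s, c in per_source.items() if c > per_source_limit}
        peak = max(peak, len(pending))
    return {"peak_half_open": peak,
            "flagged_sources": sorted(flagged),
            "still_half_open": len(pending)}

def constructed_trace():
    """Constructed sample: two normal clients and one source that never ACKs."""
    trace = [(0.0, "192.0.2.10", 50000, "SYN"), (0.1, "192.0.2.10", 50000, "ACK")]
    trace += [(1.0 + 0.01 * i, "198.51.100.7", 40000 + i, "SYN") for i in range(20)]
    trace += [(2.0, "192.0.2.11", 50001, "SYN"), (2.1, "192.0.2.11", 50001, "ACK")]
    return trace

if __name__ == "__main__":
    print(half_open_report(constructed_trace()))
```

The total half-open count matters as much as the per-source count, since the server’s resources are consumed by the sum of all pending sessions.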

  49. Distributed DoS (DDoS) attack • In a DDoS attack, a hacker first gains control of hundreds/thousands of computers (slaves). • Plants software referred to as DDoS agent on each of the slaves • Hacker then uses software referred to as DDoS handler (master) to control the agents (slaves) • Attacker launches attacks from all the slaves, and it is difficult to trace the hacker
