1 / 56

Network Security

Network Security. V.T. Raja and James Coakley Oregon State University. Outline. Introduction Imperative need for secure communication Increasing # of security incidences Cost of downtime Customer privacy/satisfaction etc. Characteristics of a secure communication Cryptography.

trixie
Download Presentation

Network Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Network Security V.T. Raja and James Coakley Oregon State University

  2. Outline • Introduction • Imperative need for secure communication • Increasing # of security incidences • Cost of downtime • Customer privacy/satisfaction etc. • Characteristics of a secure communication • Cryptography

  3. Imperative Need for Secure CommunicationReported Security Incidents up to 1995Source: CERT.ORGSlide provided by guest speaker Kris Rosenberg

  4. Reported Security Incidents 1995 – 2003Source: http://www.cert.org/present/cert-overview-trends/module-1.pdfSlide provided by guest speaker Kris Rosenberg

  5. CERT Source: http://www.us-cert.gov/

  6. What does CERT do?

  7. Imperative Need for Secure CommunicationCost of downtimeSlide provided by guest speaker Kris Rosenberg

  8. General example for today’s lecture • Assume Bob and Alice are illicit lovers. • Assume Trudy is Bob’s spouse • Alice and Bob could represent: • a client and a server • 2 servers • 2 routers • 2 business partners in a B2B transaction • a bank and a customer

  9. Secure Communication • Characteristics of a secure communication • Confidentiality • Authentication • Message Integrity and non-repudiation • Availability and Access Control

  10. Confidentiality • Alice wants the following to be confidential: • The fact that she is communicating with Bob • Timing of communication • Frequency of communication • Only Alice and Bob should be able to understand the contents of the transmitted message; Should not be understood by eavesdropper (Trudy).

  11. Confidentiality Relies On Cryptography • Confidentiality often relies on cryptographic techniques for encrypting/ decrypting data using one or more keys to encrypt/decrypt data • We will learn some basics about cryptography in today’s lecture

  12. Authentication • Both sender and receiver should be able to confirm identity of other party involved in communication • Confirm that the other party is indeed who/what they claim to be • Authentication relies on authentication techniques, several of which rely on cryptographic techniques

  13. Message Integrity and Non-Repudiation • Content of communication is not altered maliciously or by accident • Message integrity also relies on cryptographic techniques • Non-repudiation = not denying what was communicated

  14. Availability • Can communication occur in first place? Hackers preventing infrastructure from being used by legitimate users – e.g., viruses, DoS attacks • Detect breaches and respond to attacks

  15. Access Control • Entities allowed to gain access to resources only if they have the appropriate access rights (e.g., login ID, passwords, biometric devices) • Facilitated by firewalls, which provide access control based on a per-packet basis, and on a per-service basis. • Provide a degree of isolation and protection from those outside of one’s network

  16. Network Security – Part 2 Cryptography • Symmetric Key Cryptography • Public Key Cryptography

  17. Symmetric Key Cryptography • Symmetric Key Cryptography • Caesar Cipher • Monoalphabetic Cipher • Polyalphabetic Cipher • Data Encryption Standard (DES) • Triple DES (3DES) • Advanced Encryption Standard (AES) • Trusted Intermediaries for symmetric key distribution • Key Distribution Center (KDC) • Kerberos

  18. Basic Terminology • Plain Text • Original data – not disguised • Cipher (Encrypted) Text • Disguised data – looks unintelligible to intruder • Data disguised using encryption algorithm • Key • A string of #s or characters used as input to encryption algorithm to disguise plain text • Symmetric Key: Alice and Bob use same key to encrypt and decrypt text

  19. Symmetric Key Cryptography • Caesar Cipher • Each letter in plaintext is substituted with letter that is K letters later • Wrap around is allowed (i.e., z followed by letter a) • If K = 3, a in plaintext becomes d in cipher text b in plaintext becomes e in cipher text • Example: Decrypt the following using a Caesar Cipher of K =3; Assume ‘wrap around’ is allowed. “ere, l oryh brx. Dolfh” Once it is known that Caesar cipher is being used, it is easy to break the code (only 25 possible key values).

  20. Symmetric Key Cryptography • Monoalphabetic Cipher • Improvement on Caesar Cipher • No regular pattern – any letter can be substituted for any other letter, as long as each letter has a unique substitute letter, and vice versa. Example follows: Plain Text: a b c d e f g h i j k l m n o p q r s t u v w x y z Cipher Text: m n b v c x z a s d f g h j k l p o i u y t r e w q Example: Find cipher text for “Bob, I love you. Alice” using above monoalphabetic cipher. 26! Possible pairings of letters – so breaking code is not as easy as in the case of Caesar cipher. Usually statistical analysis of plain text language can help in breaking the code faster.

  21. Symmetric Key Cryptography • Polyalphabetic Encryption • Use multiple monoalphabetic/Caesar ciphers • Use a specific monoalphabetic/Caesar cipher to encode a letter in a specific position in the plain text message • This implies that same letter appearing in different positions in the plaintext might be encoded differently. Example: 2 Caesar ciphers; K = 5, K = 19 For every 5 bits in the plain text use the 2 Caesar ciphers in the following pattern: C1, C2, C2, C1, C2 Example: Using K= 5 and K =19, find cipher text for “Bob, I love you.”

  22. Symmetric Key Cryptography • Data Encryption Standard (DES) • Published in 1977, and updated in 1993 • For commercial and non-classified U.S. Govt. use • Encodes plaintext using 56-bit key Objective: Scramble data and key so that every bit of the cipher text depends on every bit of the data and every bit of the key • Algorithm: Complex (beyond the scope of the course); Decryption works by reversing the algorithm’s operations.

  23. How well does DES work? • In 1997 RSA Data Security Inc., ( A network security company) launched a DES challenge contest to crack a short phrase (“strong cryptography makes the world a safer place”) it had encrypted using a 56-bit DES. • Winning team took 4 months to decode. It had volunteers throughout the Internet to systematically explore key space. Claimed 10K cash prize after testing only a quarter of the key space (about 18 quadrillion keys) • In 1999, RSA launched another DES challenge. • Message was decrypted in little over 22 hours by a network of volunteers and a special purpose computer called “Deep Crack”. Claimed 250 K cash prize. Not bad for a day’s work?

  24. Symmetric Key Cryptography • Triple DES (3 DES) • If 56-bit DES is considered to be insecure, one can simply run the algorithm multiple times, using a different key each time • DES run three times (with a different 56-bit key at beginning of each time DES is run). • Advanced Encryption Standard (AES) • NIST – in Nov 2001 announced successor to DES. • AES is also a symmetric key algorithm that processes data in 128-bit blocks • AES can operate with 128-bit keys, 192-bit keys, and 256-bit keys

  25. Trusted Intermediaries • Disadvantage of Symmetric Key Cryptography: • 2 communicating parties have to agree upon their secret key ahead of time in a secure manner. • Since sender and receiver do not meet face to face in the networking world , they need a trusted intermediary • Trusted Intermediaries: • Key Distribution Center • Kerberos

  26. Key Distribution Center (KDC) • A server that shares a different secret symmetric key with each registered user. • KDC knows the secret key of each user, and each user can communicate securely with KDC using this key. • Assume Alice and Bob use KDC for their communication. • Assume Alice’s secret key known to Alice and KDC is KA-KDC • Assume Bob’s secret key known to Bob and KDC is KB-KDC.

  27. Example: Alice and BOB using KDC • Using her key, Alice sends a message to KDC saying that she (A) wants to communicate with Bob (B). We denote this message as KA-KDC(A, B). • a. KDC decrypts KA-KDC(A, B). b. KDC generates a random number R1, which is to be used as symmetric key by Alice and Bob during their communication.

  28. Example: Alice and BOB using KDC 2 c. KDC sends Alice R1, and a pair of values A and R1 encrypted using Bob’s key. We denote this message sent to Alice by KDC as: KA-KDC(R1, KB-KDC(A, R1)). 3. Alice decrypts message and extracts symmetric key R1. Alice extracts and forwards (although she cannot decrypt) KB-KDC(A, R1) to Bob. • Bob decrypts and understands that he is to use R1 as symmetric key to converse with person A (Alice). • Bob and Alice communicate using symmetric key R1

  29. Kerberos • Developed by MIT • Very similar to KDC • Has additional functions such as: • Time stamp for validity of “nonce” R1. • Has info about which users have access privileges to which services on which network servers.

  30. Public Key Cryptography • Public keys and Private keys • RSA Algorithm • Authentication • Authentication Protocol (ap) • ap 1.0, 2.0, 3.0, 3.1, 4.0, 5.0 • Exchanging Public Keys • Man (Woman) in the middle-attack

  31. Introduction - Public Key Cryptography • Is it possible for two parties to communicate using encryption/decryption without using a shared secret key? • Yes. Using public key cryptography • A radically different and marvelously elegant approach towards encryption/decryption • Public key cryptography is useful not only for encryption/decryption, but also for authentication and digital signatures as well.

  32. Basic Idea of Public Key Cryptography • Each participant has a private key (known only to the participant) and a public key. • The public key is created with one’s private key. • Public key is made available to others and could be posted even on a website which is accessible by the rest of the world. • Public key of recipient is used by sender to encrypt message. • Recipient decrypts message using recipient’s private key.

  33. Public Key Cryptography • Example: • Alice wishes to send a message to Bob. • Alice fetches Bob’s public key. • Alice uses Bob’s public key to encrypt message • Alice sends encrypted message to Bob. • Bob decrypts cipher text with Bob’s private key.

  34. Notation and Choice of Keys • Assume Alice’s plain text message, (which has to be encrypted and then sent to Bob) is denoted as m. • Assume Bob’s public key is denoted as KB+ and his private key is denoted as KB-. • These keys are chosen such that: KB- (KB+ (m)) = KB+ (KB- (m)) = m RSA algorithm (named after its founders, Ron Rivest, Adi Shamir, and Leonard Adleman) has become almost synonymous with public key cryptography.

  35. RSA and DES/AES • RSA is a complex algorithm and uses concepts from number theory. • DES is at least 100 times faster than RSA. • In practice, RSA is often used in combination with DES or AES. • Message is encrypted using DES key • Alice encrypts DES key with Bob’s public key • Bob decrypts and obtains DES key with his private key. • Message is decrypted using DES key

  36. Authentication • ap 1.0 • Alice announces to Bob, “I am Alice.” • Trudy could have sent this message. • ap 2.0 • Alice announces to Bob, “I am Alice”, and asks Bob to authenticate her by matching source IP (in IP header) with Alice’s IP. • Trudy could have sent this message if she had done IP spoofing.

  37. Authentication • ap 3.0 • Alice announces to Bob, “I am Alice”, and asks Bob to authenticate her by verifying her plaintext password. • Trudy may have already eavesdropped earlier, and have stolen Alice’s plaintext password during an earlier conversation between Alice and Bob. Now, Trudy could send the message, “I am Alice” by using Alice’s plaintext password. • ap 3.1 • Alice announces to Bob, “I am Alice”, and asks Bob to authenticate her by verifying her encrypted password, which is kept the same for different communication sessions between Bob and Alice. • Same disadvantage mentioned in ap 3.0 still exists. Note that Trudy need not decrypt the password. She could still eavesdrop, steal encrypted password, and then perform a “playback attack” on Bob.

  38. Authentication • ap 4.0 • Alice announces to Bob, “I am Alice.” • Bob sends a plaintext nonce (= r) to Alice. • Note that nonce is a one time value that is specific to that communication session. It is not repeated again in another session. So “playback attack” is not possible. • Alice resends same nonce back to Bob but this time nonce is encrypted with symmetric key used by Alice and Bob. • Bob decrypts nonce using symmetric key. If decrypted nonce equals the nonce he sent Alice earlier (i.e. decrypted nonce = r) , then Alice is authenticated. • However, this implies that Alice and Bob must have decided upon and exchanged their symmetric key.

  39. Authentication • ap 5.0 • Alice announces to Bob, “I am Alice.” • Bob sends a plaintext nonce (= r) to Alice. • Since nonce is a one-time value, “playback attack” is not possible. • Alice resends same nonce back to Bob but this time nonce is encrypted with Alice’s private key. • Bob decrypts nonce using Alice’s public key. If decrypted nonce equals the nonce he sent Alice earlier (i.e. decrypted nonce = r) , then Alice is authenticated.

  40. Exchanging Public Keys • Why should public key be publicly available? • Wouldn’t it be better for Alice and Bob to exchange their respective public keys via e-mail, after authenticating each other? • Due to possibility of “man (woman) in the middle attack.”

  41. Alice transmits, “I am Alice.” Trudy eavesdrops. Bob sends a nonce = r. Trudy intercepts nonce, and sends Bob encrypted nonce (encrypted using her private key). Bob sends a message to Alice asking her for a public key. Trudy intercepts message, and sends Bob Trudy’s public key. Bob decrypts nonce with Trudy’s public key (thinking that he is using Alice’s public key), and inadvertently authenticates Trudy. While Bob is encrypting new data using Trudy’s public key, Trudy is busy posing as Bob to Alice. In particular, Trudy transmits Bob’s nonce to Alice Alice transmits encrypted nonce (encrypted using Alice’s private key). Trudy intercepts encrypted nonce, and asks Alice for her public key. Alice sends her public key Man (Woman) in the Middle Attack

  42. Man (Woman) in the Middle Attack • Bob sends encrypted data (encrypted using Trudy’s public key) • Trudy decrypts using her private key, and finds out Bob’s plain text. • Trudy encrypts Bob’s plain text using Alice’s public key. • Trudy transmits encrypted text to Alice. • Alice decrypts using her private key, and finds out Bob’s plain text. • Alice and Bob are happy that they have had a secure communication. They are ignorant of the fact that Trudy has intercepted and decrypted Bob’s message to Alice.

  43. Digital Signatures and Message Digests • Assume Bob wants to digitally sign a “document,” m. • Bob’s digital signature could be KB- (m) • Due to complexity of RSA, digital signatures are applied to “fingerprints” instead of being applied to message m. • Fingerprint – H(m) – where H denotes a “hash algorithm” • Bob’s digital signature is KB- (H(m))

  44. Message Digests • Message Digest (Hash) algorithms: • MD5 • SHA-1 • Secure Hash Algorithm is a U.S. federal standard • Required for use whenever a secure message digest algorithm is required for federal applications • Produces a 160-bit message digest. • Longer the output length, the more secure SHA-1 • SHA-224, SHA-256, SHA-384, and SHA-512, which despite the similarity of names, are actually fairly different algorithms to SHA-1 and have much wider safety margins.

  45. Public Key Certification • PK cryptography – possible for two entities to exchange secret messages without having to exchange secret keys. • Communicating entities have to exchange public keys (without being subject to “man in the middle attack”). • Binding a public key to a particular entity is typically done by a Certification Authority (CA).

  46. Certification Authority • A CA verifies that an entity is who it claims to be. • After verification, CA creates a certificate that binds the public key of the entity to the identity. • Certificate • includes a public key • includes globally unique identifying information about owner of the public key • Is digitally signed by CA (Internet Explorer – Tools, Internet Options, Content, Certificates)

  47. Availability and Access Control • Some attacks • Firewalls

  48. Examples of some attacks • Denial of Service attacks • “Ping” attacks • SYN flood attack • Distributed Denial of Service attacks

  49. Terminology • Terminology • IP Spoofing • Ping • TCP • Packet Numbers (also known as Sequence#s) • Acknowledgement Numbers • Port IDs (Port Scanning, mapping) • Telnet • Denial of Service (DoS) Attack • Smurf Attack • SYN Flood Attack • Half-open telnet sessions • Distributed DoS Attack • Firewalls • Packet level firewall • Application level firewall • Network Address Translation • NAT Server

  50. Ping Packets • Ping packets • Packets that ask a computer to respond with an acknowledgement • Used to see if a computer is still operational in a network • e.g., Ping by computer name • Ping bus.orst.edu Ping by IP address • Ping 128.193.76.73

More Related