networking overview l.
Skip this Video
Loading SlideShow in 5 Seconds..
Networking Overview PowerPoint Presentation
Download Presentation
Networking Overview

Loading in 2 Seconds...

play fullscreen
1 / 133

Networking Overview - PowerPoint PPT Presentation

  • Uploaded on

Networking Overview. TCP/IP. TCP/IP == Transmission Control Protocol/Internet Protocol Almost ubiquitous protocol for communication over network Many other networking protocols ATM, X.25, SS7, Sonet,… But TCP/IP has taken over the world. TCP/IP. Here, a brief overview of TCP/IP

I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
Download Presentation

Networking Overview

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
networking overview
Networking Overview

Networking Overview 1

tcp ip
  • TCP/IP == Transmission Control Protocol/Internet Protocol
  • Almost ubiquitous protocol for communication over network
  • Many other networking protocols
    • ATM, X.25, SS7, Sonet,…
    • But TCP/IP has taken over the world

Networking Overview 2

tcp ip3
  • Here, a brief overview of TCP/IP
  • For more info, see, for example,
    • Computer Networks, Tanenbaum
    • Computer Networks and Internets, Comer
    • Computer Networking: A Top Down Approach Featuring the Internet, Kurose and Ross
    • TCP/IP Protocol Suite, Forouzan

Networking Overview 3

why tcp ip
  • Almost everywhere
  • Author developed payphone billing protocol in 1992
    • Used X.25, later ported to SS7
    • Today would almost certainly use TCP/IP
  • TCP/IP makes the world “extremely hackable”

Networking Overview 4

osi reference model
OSI Reference Model
  • In 1980, ISO developed OSI
    • Computer communication over network
  • Protocol layering
    • Breaks problem into small parts
    • Layer provides service to next higher
  • Modular
    • Makes it easy, for example, to replace Ethernet with wireless

Networking Overview 5

osi reference model6
OSI Reference Model
  • Layer 7 --- Application Layer
    • Links application to the communication channel
  • Layer 6 --- Presentation Layer
    • How to represent bits for transmission
  • Layer 5 --- Session Layer
    • Coordinate (multiple) sessions
  • Layer 4 --- Transport Layer
    • Logical channel between systems

Networking Overview 6

osi reference model7
OSI Reference Model
  • Layer 3 --- Network Layer
    • Move data from host-to-host, across network core (interconnected mesh of routers)
  • Layer 2 --- Data Link Layer (or Link Layer)
    • Move data across one “hop”
  • Layer 1 --- Physical Layer
    • Transmit bits across a physical link (fiber optic, copper cable, wireless, etc.)
  • Note: Layers 7,6,5 often treated as one

Networking Overview 7

tcp ip our hero
TCP/IP, Our Hero
  • Layers from TCP/IP’s perspective…
  • Application Layer --- Program trying to communicate using TCP/IP
    • E.g., email servers, SSH client and server, etc
  • Transport Layer --- Includes TCP and UDP
    • TCP provides reliable delivery
    • UDP is “bare bones” transport layer protocol

Networking Overview 8

tcp ip our hero9
TCP/IP, Our Hero
  • Network Layer --- Based on IP
    • Deliver packets from end-to-end
    • To be cool, you must say “layer 3”
  • Data Link Layer --- One hop
    • “Layer 2”
  • Physical Layer --- The physical media

Networking Overview 9

tcp ip protocol stack
TCP/IP Protocol Stack
  • TCP/IP synonymous with transport layer and network layer (combined)
  • For example…

Networking Overview 10

layering again
Layering (Again)
  • Each layer adds some info
    • Usually added to beginning, so called a header

Networking Overview 11

  • Application layer packet
  • Transport layer  TCP segment (for example)
  • Network layer  IP datagram
  • Data link/physical layer(s)  frame
  • We may use “packet” for all of these

Networking Overview 12

tcp ip13
  • Protocols: TCP, UDP, IP, ICMP
    • Defined in RFCs 791 thru 793
  • Developed for academic research
    • No thought of security
    • No confidentiality, integrity, authentication, …

Networking Overview 13

tcp ip and security
TCP/IP and Security
  • Originally, no security in TCP/IP
    • Any security provided by applications
  • But TCP/IP retrofit for security
    • IPSec --- security at the “IP layer”
    • “Built in” security for applications
    • IPSec is a bloated and complex protocol

Networking Overview 14

  • TCP provides reliable delivery
  • Most familiar apps use TCP
    • Web browsing (HTTP)
    • Secure shell (SSH)
    • File transfer (FTP)
    • Email (SMTP, POP, IMAP)
    • Etc., etc., etc.
  • For most apps, TCP saves a lot of work

Networking Overview 15

tcp header
TCP Header
  • Every TCP packet includes header

Networking Overview 16

tcp port numbers
TCP Port Numbers
  • Source port, destination port
    • 16-bit numbers
    • Tells which “door” to send data to
    • Source == outgoing “door”, etc.
  • Server application “listens” on a port
    • Listening ports are open
    • Non-listening ports are closed

Networking Overview 17

tcp port numbers18
TCP Port Numbers
  • Examples of well-known ports
    • TCP port 21 --- FTP
    • TCP port 22 --- SSH
    • TCP port 23 --- telnet
    • TCP port 25 --- SMTP
    • TCP port 80 --- HTTP
    • TCP port 6000 --- The X Window System (X11)
  • Note these ports are used by convention
    • Could use 8080 for HTTP and not get arrested
    • But both client and server must know this

Networking Overview 18

  • Example
  • Note that attackers want to know which ports (“doors”) are open

Networking Overview 19

  • To see which ports are in use
    • Locally, use netstat -na

Networking Overview 20

tcp control bits
TCP Control Bits
  • Control bits or flags
  • For “3-way handshake”, and other special things

Networking Overview 21

tcp control bits22
TCP Control Bits
  • Originally, 6 control bits
    • URG --- urgent data, give it priority (or not…)
    • ACK --- acknowledge earlier data
    • PSH --- push data thru now
    • RST --- reset the connection, due to error or an interruption (abnormal termination)
    • SYN --- synchronize sequence numbers
    • FIN --- no more data, so tear down connection

Networking Overview 22

tcp control bits23
TCP Control Bits
  • Two additional control bits
    • CWR --- congestion window reduced; due to network congestion, reduced window size
    • ECE --- explicit congestion notification echo; connection is experiencing congestion
  • For congestion control issues

Networking Overview 23

tcp 3 way handshake
TCP 3-Way Handshake
  • Used to establish TCP connection
  • Note sequence numbers: ISNA and ISNB
    • ACK and SYN flag bits used here

Networking Overview 24

tcp 3 way handshake25
TCP 3-Way Handshake
  • Establishes “connection”
  • Sequence numbers enable TCP to
    • Make sure all packets arrive
    • Make sure all packets delivered in order
  • FIN bit used when session torn down
  • RST used to end in “error” cases

Networking Overview 25

other fields in tcp header
Other Fields in TCP Header
  • Data offset --- where the data begins
  • Reserved --- reserved for future use (or for clever attackers…)
  • Window --- controls number of outstanding packets; prevents one side from sending too fast (flow control)
  • Checksum --- error detection (uses CRC)

Networking Overview 26

other fields in tcp header27
Other Fields in TCP Header
  • Urgent pointer --- if URG flag set, tells where the urgent data is located
  • Options --- additional info (e.g., the max size of packet); variable size
  • Padding --- used to make things line up on 32-bit boundaries

Networking Overview 27

  • UDP == User Datagram Protocol
  • Minimal “no frills” transport protocol
    • Does minimum possible
    • “Connectionless”
    • No flow control, no congestion control, packets can be out of order, not arrive, …
    • UDP == Unreliable Damn Protocol

Networking Overview 28

  • Why use UDP?
  • Low overhead
    • 8 byte header vs 20 bytes (or more) for TCP
  • No congestion control/flow control
    • How can this be good?

Networking Overview 29

where is udp used
Where is UDP Used?
  • Streaming audio/video
    • Some packet loss is OK
    • Example: Real Player, UDP port 7070
  • Apps where low overhead is useful
    • Trivial FTP (TFTP), UDP port 69
    • Simple Network Management Protocol (SNMP), UDP port 161

Networking Overview 30

ftp vs udp
  • Which is more secure?
  • With UDP, more work for firewalls
    • Hard to track “connections”
    • Example: Slammer worm fit into one 376-byte UDP packet; got thru firewalls
  • But neither TCP nor UDP offer any “real” security (confidentiality, etc.)

Networking Overview 31

  • IP == Internet Protocol
    • Not “intellectual property”
  • IP is the network layer protocol today
    • Mostly IPv4
    • IPv6 used a little bit --- offers more addresses and more security
    • Here, we focus on IPv4

Networking Overview 32

ip header
IP Header
  • Note that source and destination addresses each 32 bits

Networking Overview 33

what is a network
What is a Network?
  • LAN == Local Area Network
  • LANs are building blocks of networks
  • LAN is bunch of computers connected together by hub, switch, wireless, …
    • No router between computers on a LAN
  • Usually, small geographic area

Networking Overview 34

what is a network35
What is a Network?
  • LANs are connected by routers
    • Routers move packets between LANs

Networking Overview 35

ip addresses
IP Addresses
  • IP addresses are 32 bits
  • Identify hosts (computers) on network
  • Written in “dotted decimal” notation
    • Author calls it “dotted quad” notation

Networking Overview 36

ip addresses37
IP Addresses
  • Every IP packet has source and destination IP addresses
  • Every IP address has 2 parts
    • One part identifies the network (LAN)
    • One part identifies the specific host
    • Makes routing more efficient
  • But which part is which?

Networking Overview 37

  • Leftmost bits are network part of address
  • Netmask (subnet mask) often used
    • Uses “AND” operation
  • Classless Inter-Domain Routing (CIDR) notation

Networking Overview 38

packet fragmentation
Packet Fragmentation
  • Link may accept packet of max length
  • What if packet is too big?
  • Fragmentation!
    • Router chops packet into pieces
    • Reassembled at destination
    • Fields in IP header identify fragments (and how to reassemble them)

Networking Overview 39

fragmentation bits
Fragmentation Bits
  • Don’t fragment bit
    • 0 == OK to fragment, 1 == don’t fragment
  • More fragments bit
    • 0 == last fragment, 1 == more fragments
  • Fragmentation opens door to attacks
    • Firewalls/IDS do not like fragments

Networking Overview 40

other stuff in ip header
Other Stuff in IP Header
  • Version --- IPv4 or IPv6
  • Hlen --- total length of IP header
  • Service Type --- for quality of service
  • Total Length --- length of data and header
  • Identification --- for fragment reassembly
  • Flags --- don’t fragment, more fragments, …
  • Fragmentation Offset --- how to reassemble fragments

Networking Overview 41

other stuff in ip header42
Other Stuff in IP Header
  • Time-to-Live (TTL) --- max number of “hops” remaining before packet dies
  • Protocol --- TCP or UDP
  • Header Checksum --- error detection in header (recomputed at each router)
  • Source IP Address --- “from”
  • Destination IP Address --- “to”
  • Options --- e.g., “source routing”
  • Padding --- pad length to multiple of 32 bits

Networking Overview 42

  • Internet Control Message Protocol
  • Like the “network plumber”
    • Host uses ICMP to see if another host is alive and responding
    • Router uses ICMP to tell source it does not know how to route a packet
    • Host can tell another host to stop sending data so fast, etc., etc.

Networking Overview 43

  • Same packet format as IP
    • Protocol field is set to 1
  • Many ICMP message types
    • Common types listed on next 2 slides

Networking Overview 44

  • Name (type number) --- explanation
    • Echo reply (0) --- response to ping
    • Destination unreachable (3) --- IP packet cannot be delivered (sent by router or host)
    • Source quench (4) --- slow down!
    • Redirect (5) --- send data to different router
    • Echo (8) --- ping (is system responding?)

Networking Overview 45

  • Message, type number, explanation
    • Time Exceeded (11) --- TTL exceeded, or problem reassembling fragments
    • Parameter Problem (12) --- bad parameter
    • Timestamp (13) --- request system’s time
    • Timestamp Reply (14) --- send system time
    • Information Request (15) --- used to determine which network a host is on
    • Information Reply (16) --- network IP address

Networking Overview 46

routing packets
Routing Packets
  • How routers get packets thru network
    • Like Little Red Riding Hood trying to find the best path to grandma’s house
  • Dynamic routing protocols
    • RIP, OSPF, BGP
    • As if trees in the forest calculate best path and tell Red which way to go

Networking Overview 47

routing packets48
Routing Packets
  • Static routing protocols
    • Hard-coded routes
    • Red always has to go the same way
  • Source routing
    • Source specifies route in packet
    • Step-by-step directions to Grandma’s house tattooed on Red’s forehead

Networking Overview 48

  • Network Address Translation
  • Address-related problems
    • Not enough IP addresses to go around
    • Internal network uses “illegal” or unroutable (private) addresses
  • Solutions: NAT
    • Gateway (i.e., router or firewall) “translates” addresses

Networking Overview 49

  • Outgoing --- gateway replaces internal address with valid IP address
  • Incoming --- gateway replaces valid IP address with internal address
  • Note that gateway must remember!

Networking Overview 50

how to implement nat
How to Implement NAT?
  • Map single IP address
    • Every packet mapped to one IP address
    • Vary source port numbers
    • Port Address Translation (PAT)
  • One-to-one mapping
    • Internal address mapped to unique IP address
  • Dynamically allocate addresses
    • Multiplex internal addresses to IP addresses
    • Not as popular as other 2 approaches

Networking Overview 51

nat and security
NAT and Security
  • NAT hides internal IP addresses
    • Might be harder for attacker to map network topology
  • NAT of limited security value
    • Attacker could take over NAT device
    • Attacker could let NAT do its job and attack internal network
    • Some argue NAT harms security (IPSec)

Networking Overview 52

firewalls pick your analogy
Firewalls: Pick Your Analogy
  • Network “traffic cop”
  • Network “soccer goalie”

Networking Overview 53

  • Filter based on…
    • Services, addresses, data, etc., etc.
  • May be used to protect…
    • Your network from Internet
    • Your network from partner’s network
    • Your network from your network
    • Internet from your network

Networking Overview 54

  • Attacker: “kick ball” past goalie…

Networking Overview 55

  • Three types of firewalls
    • Packet filter (network layer)
    • Stateful packet filter (transport layer)
    • Proxy-based firewall (application layer)
  • All firewalls one of these types
    • In spite of marketing…
  • Also, Intrusion Prevention Systems (IPS)
    • Not quite the same as firewall

Networking Overview 56

packet filter
Packet Filter
  • Filter each packet individually
    • No concept of state
  • Can filter based on…
    • Source/destination IP address
    • Source/destination port (application specific)
    • TCP control bits (SYN, ACK, etc.)
    • Protocol (e.g., allow TCP, deny UDP)
    • Direction (incoming, outgoing)
    • Interface (trusted or untrusted network)

Networking Overview 57

packet filter58
Packet Filter
  • Access control list (ACL), e.g.,













  • Start at top and work down the list
    • What do 1st, 2nd, 3rd lines do?

Networking Overview 58

packet filter59
Packet Filter
  • Disadvantage: very limited view
  • Consider ACL on previous slide
    • Easy to kick ball past this goalie
    • E.g., ACK scan
  • Even worse with UDP
    • No flag bits
  • Advantages: speed and simplicity

Networking Overview 59

stateful packet filter
Stateful Packet Filter
  • Improve packet filter by adding state
    • State == remember something (packets)
  • Remember each active connection
    • State table: info on active connections
    • Time out, typically, after 10 to 90 seconds
    • Can see how/if new packet fits into ongoing connection
    • For example, ACK must be preceeded by SYN

Networking Overview 60

stateful packet filter61
Stateful Packet Filter
  • With packet filter
    • Attacker can “ACK scan” for open ports
    • Send ACK packets with no prior SYN
  • With stateful packet filter
    • ACK scan fails
    • Packets dropped since no prior SYN
  • Can also remember UDP “connections”

Networking Overview 61

stateful packet filter62
Stateful Packet Filter
  • Advantage: Much stronger than packet filter
  • Disadvantage: More work
    • Often implemented in custom hardware, so speeds can be competitive
  • Still lacks a complete view…

Networking Overview 62

  • Proxy --- acts on your behalf
  • Analogy…
    • Student calls me at home late at night
    • My wife answers the phone
    • She tells me a student called
    • Me: “Tell that $&^# to get lost!”
    • My wife: “He’s busy, can I take a msg?”

Networking Overview 63

  • Another analogy…
    • Telemarketer calls me at home
    • My wife answers the phone
    • She tells them to go away…
    • …without informing me of the call
  • My wife is acting as my proxy
  • Proxy firewall is similar

Networking Overview 64

proxy based firewall
Proxy-Based Firewall
  • Proxy can look at complete picture
    • Everything packet filter sees
    • Everything stateful packet filter sees
    • Plus application level info --- can verify that protocols are followed, data is free of malware, etc., etc.
  • May cache info for efficiency

Networking Overview 65

proxy based firewall66
Proxy-Based Firewall
  • Advantage: complete view
  • Disadvantage: speed, computing power
    • May limit amount of traffic it can handle, more expensive hardware, more complex, etc.

Networking Overview 66

  • Intrusion Prevention System (IPS)
    • Similar to, but not quite a firewall
  • Analyze network traffic in real time
  • Attack signatures/suspicious behavior
    • Signatures/anomaly detection
  • Firewall does not do this
  • Can block suspicious communications

Networking Overview 67

best firewall
Best Firewall?
  • Try to get best from each technology

Networking Overview 68

data link layer
Data Link Layer
  • Not part of TCP/IP
    • But it is a source of attacks
  • Data Link Layer
    • Move packets across one “hop”, LAN to router, router to router, etc.
    • Lives in Network Interface Card (NIC)
    • Ethernet, 802.11 (wireless), etc.

Networking Overview 69

  • Ethernet is “king of the Link Layer”
  • Ethernet used on shared media
    • Resource contention
  • Media Access Control (MAC) addresses
    • 48 bits, globally unique
    • Of form AA:BB:CC:DD:EE:FF (or “.” for “:”)
    • IP address is like street address, MAC address like social security number
    • Aside: Why not use IP address for everything?

Networking Overview 70

  • Address Resolution Protocol (ARP)
    • MAC address for LAN, IP address for network
  • ARP is used to find MAC address, given the IP address
    • Broadcast IP address
    • Whoever has it, responds with MAC address
    • Response is cached (for efficiency)

Networking Overview 71

  • ARP only applies on same LAN
  • ARP is stateless

Networking Overview 72

hubs and switches
Hubs and Switches
  • Both used on LAN
  • Hub is simple/dumb device
    • Broadcast to all interfaces
    • Simple, but wastes bandwidth
  • Switch is smarter
    • Only sends data to a specific interface
    • Reduces bandwidth usage

Networking Overview 73

hubs and switches74
Hubs and Switches
  • Hub
    • Simple
    • Wasteful
  • Switch
    • Complex
    • Saves bandwidth

Networking Overview 74

  • Switch stores MAC address locations
    • Content Addressable Memory (CAM)
  • Table determined automatically
    • At first switch acts like hub
    • Then looks at MAC addresses
    • Uses this info to fill in table
    • This all happens automatically

Networking Overview 75


Networking Overview 76

wireless lan
Wireless LAN
  • 802.11 is king of WLAN
  • Wireless security is difficult
    • Often not secured, rogue access points, …
  • LAN usually has little or no security
    • Maybe OK if physical access required
    • But WLAN changes all of that…
    • WLAN is good news for Trudy and Eve

Networking Overview 77

  • Regular LAN attacks work on WLAN
  • Physical access not required!
  • Makes hackable network more so
  • Great news for Trudy and Eve!
    • Cell phones and other wireless technology promise even more hacks

Networking Overview 78

802 11
  • 802.11 --- 1997 @ 2Mbps
  • 802.11a --- 1999 @ 54Mbps
    • Not used much, since came out at same time as 802.11b, and 802.11b is cheaper
  • 802.11b --- 1999 @ 11Mbps
    • Speed similar to traditional Ethernet
  • 802.11g --- 2003 @ 54Mbps
    • Popular, combines best of 802.11a and 802.11b

Networking Overview 79

802 1180
  • 802.11i --- 2004
    • Real security
    • Strong encryption (AES)
    • Strong key exchange (TKIP)
  • Much stronger than WEP
    • WEP: “swiss cheese” of security protocols
    • WEP: no integrity, poor encryption, etc.

Networking Overview 80

  • According to Tanenbaum:
    • “The 802.11 standard prescribes a data link-level security protocol called WEP (Wired Equivalent Privacy), which is designed to make the security of a wireless LAN as good as that of a wired LAN. Since the default for a wired LAN is no security at all, this goal is easy to achieve, and WEP achieves it as we shall see.”

Networking Overview 81

security on the internet
Security on the Internet
  • TCP/IP provides no security
  • Must retrofit Internet for security
  • Application layer
    • PGP, S/MIME, SSH, …
  • “Socket layer”
    • SSL/TLS (really part of application layer)
  • Network layer
    • IPSec

Networking Overview 82

application layer security
Application Layer Security
  • Pretty Good Privacy (PGP)
    • Developed by Phil Zimmerman
    • No backdoor?
      • “We don’t hire that kind of person”
  • Secure/Multipurpose Internet Mail Extensions (S/MIME)
    • Secure email
  • Secure Shell (SSH)
    • Secure “tunnel” for remote access

Networking Overview 83

  • Secure Socket Layer (SSL)
    • Developed for Web, HTTP
    • Can be used anywhere
    • Elegant security protocol
  • Transport Layer Security (TLS)
    • Same, but incompatible

Networking Overview 84

  • Authentication, confidentiality, integrity
  • You use SSL all the time
    • Whenever “lock” (or “key”) appears in browser
    • HTTPS == HTTP with SSL
  • Secure transactions on Internet

Networking Overview 85

  • Not quite the same as in CS166 or CS265…

Networking Overview 86


Networking Overview 87

a note on notation
A Note on Notation
  • E(X,K) == encrypt X with symmetric key K
    • Key is known to sender and receiver
    • And nobody else
  • {X}Alice == encrypt X with Alice’s public key
    • Key know to everybody
    • Can only be decrypted with Alice’s private key
    • Alice’s private key known only to Alice

Networking Overview 88

  • h(X) == cryptographic hash function
    • Provides “fingerprint” of X
    • Compresses data
  • Certificate
    • Contains (at least) public key, name
    • Signed by a Certificate Authority (CA)
    • CA vouches that corresponding private key belongs to “name” in certificate
    • Anyone can verify signature (public key)

Networking Overview 89

simple ssl like protocol
Simple SSL-like Protocol
  • Is Alice sure she’s talking to Bob?
  • Is Bob sure he’s talking to Alice?

I’d like to talk to you securely

Here’s my certificate


protected HTTP



Networking Overview 90

simplified ssl protocol
Simplified SSL Protocol

Can we talk?, cipher list, RA

  • S is pre-master secret
  • K = h(S,RA,RB)
  • msgs = all previous messages
  • CLNT and SRVR are constants

certificate, cipher, RB

{S}Bob, E(h(msgs,CLNT,K),K)


Data protected with key K



Networking Overview 91

ssl authentication
SSL Authentication
  • Alice authenticates Bob, not vice-versa
    • How does client authenticate server?
    • Why does server not authenticate client?
  • Mutual authentication is possible: Bob sends certificate request in message 2
    • This requires client to have certificate
    • If server wants to authenticate client, server could instead require (encrypted) password

Networking Overview 92

ssl mim attack
SSL MiM Attack



  • Q: What prevents this MiM attack?
  • A: Bob’s certificate must be signed by a certificate authority (such as Verisign)
  • What does browser do if signature not valid?
  • What does user do if signature is not valid?

certificateT, RB

certificateB, RB










Networking Overview 93

ssl vs ipsec
SSL vs IPSec
  • IPSec  discussed next
    • Lives at the network layer (part of the OS)
    • Has encryption, integrity, authentication, etc.
    • Is overly complex (including serious flaws)
  • SSL (and IEEE standard known as TLS)
    • Lives at socket layer (part of user space)
    • Has encryption, integrity, authentication, etc.
    • Has a simpler specification

Networking Overview 94

ssl vs ipsec95
SSL vs IPSec
  • IPSec implementation
    • Requires changes to OS, but no changes to applications
  • SSL implementation
    • Requires changes to applications, but no changes to OS
  • SSL built into Web application early on (Netscape)
  • IPSec used in VPN applications (secure tunnel)
  • Reluctance to retrofit applications for SSL
  • Reluctance to use IPSec due to complexity and interoperability issues
  • Result? Internet less secure than it should be!

Networking Overview 95


Networking Overview 96

ipsec and ssl






IPSec and SSL
  • IPSec lives at the network layer
  • IPSec is transparent to applications






Networking Overview 97

ipsec and complexity
IPSec and Complexity
  • IPSec is a complex protocol
  • Over-engineered
    • Lots of generally useless extra features
  • Flawed
    • Some significant security issues
  • Interoperability is serious challenge
    • Defeats the purpose of having a standard!
  • Complex
  • Did I mention, it’s complex?

Networking Overview 98

ike and esp ah
  • Two parts to IPSec
  • IKE: Internet Key Exchange
    • Mutual authentication
    • Establish shared symmetric key
    • Two “phases”  like SSL session/connection
  • ESP/AH
    • ESP: Encapsulating Security Payload  for encryption and/or integrity of IP packets
    • AH: Authentication Header  integrity only

Networking Overview 99


Networking Overview 100

  • IKE has 2 phases
    • Phase 1  IKE security association (SA)
    • Phase 2  AH/ESP security association
  • Phase 1 is comparable to SSL session
  • Phase 2 is comparable to SSL connection
  • Not an obvious need for two phases in IKE
  • If multiple Phase 2’s do not occur, then it is more expensive to have two phases!

Networking Overview 101

ike phase 1
IKE Phase 1
  • Four different “key” options
    • Public key encryption (original version)
    • Public key encryption (improved version)
    • Public key signature
    • Symmetric key
  • For each of these, two different “modes”
    • Main mode
    • Aggressive mode
  • There are 8 versions of IKE Phase 1!
  • Evidence that IPSec is over-engineered?

Networking Overview 102

ike phase 1103
IKE Phase 1
  • We discuss 1 of 8 phase 1 variants
    • Public key signatures
    • Both main and aggressive modes

Networking Overview 103

ike phase 1104
IKE Phase 1
  • Uses ephemeral Diffie-Hellman to establish session key
    • Provides perfect forward secrecy (PFS)
  • Let a be Alice’s Diffie-Hellman exponent
  • Let b be Bob’s Diffie-Hellman exponent
  • Let g be generator and p prime
  • Recall that p and g are public

Networking Overview 104

ike phase 1 digital signature main mode
IKE Phase 1: Digital Signature (Main Mode)



  • CP = crypto proposed, CS = crypto selected
  • IC = initiator “cookie”, RC = responder “cookie”
  • K = h(IC,RC,gab mod p,RA,RB)
  • SKEYID = h(RA, RB, gab mod p)
  • proofA = [h(SKEYID,ga,gb,IC,RC,CP,“Alice”)]Alice

IC,RC, ga mod p, RA

IC,RC, gb mod p, RB

IC,RC, E(“Alice”, proofA, K)



IC,RC, E(“Bob”, proofB, K)

Networking Overview 105

ike phase 1 public key signature aggressive mode
IKE Phase 1: Public Key Signature (Aggressive Mode)

IC, “Alice”, ga mod p, RA,CP

  • Main difference from main mode
    • Not trying to protect identities
    • Cannot negotiate g or p

IC,RC, “Bob”, RB,

gb mod p, CS, proofB

IC,RC, proofA



Networking Overview 106

main vs aggressive modes
Main vs Aggressive Modes
  • Main mode MUST be implemented
  • Aggressive mode SHOULD be implemented
    • In other words, if aggressive mode is not implemented, “you should feel guilty about it”
  • Might create interoperability issues
  • For public key signature authentication
    • Passive attacker knows identities of Alice and Bob in aggressive mode
    • Active attacker can determine Alice’s and Bob’s identity in main mode

Networking Overview 107

  • After IKE Phase 1, we have an IKE SA
  • After IKE Phase 2, we have an IPSec SA
  • Both sides have a shared symmetric key
  • Now what?
    • We want to protect IP datagrams
  • But what is an IP datagram?
    • From the perspective of IPSec…

Networking Overview 108

ip review
IP Review
  • IP datagram is of the form
  • Where IP header is


IP header

Networking Overview 109

ip and tcp
IP and TCP
  • Consider HTTP traffic (over TCP)
  • IP encapsulates TCP
  • TCP encapsulates HTTP


IP header

IP header

TCP hdr

HTTP hdr

app data

  • IPdata includes TCP header, etc.

Networking Overview 110

ah vs esp
  • AH
    • Authentication Header
    • Integrityonly (no confidentiality)
    • Integrity-protect everything beyond IP header and some fields of header (why not all fields?)
  • ESP
    • Encapsulating Security Payload
    • Integrity and confidentiality
    • Protects everything beyond IP header
    • Integrity-only by using NULL encryption

Networking Overview 111

esp s null encryption
ESP’s NULL Encryption
  • According to RFC 2410
    • NULL encryption “is a block cipher the origins of which appear to be lost in antiquity”
    • “Despite rumors”, there is no evidence that NSA “suppressed publication of this algorithm”
    • Evidence suggests it was developed in Roman times as exportable version of Caesar’s cipher
    • Can make use of keys of varying length
    • No IV is required
    • Null(P,K) = P for any P and any key K
  • Security people have a strange sense of humor!

Networking Overview 112

why does ah exist 1
Why Does AH Exist? (1)
  • Cannot encrypt IP header
    • Routers must look at the IP header
    • IP addresses, TTL, etc.
    • IP header exists to route packets!
  • AH protects immutable fields in IP header
    • Cannot integrity protect all header fields
    • TTL, for example, must change
  • ESP does not protect IP header at all

Networking Overview 113

why does ah exist 2
Why Does AH Exist? (2)
  • ESP encrypts everything beyond the IP header (if non-null encryption)
  • If ESP encrypts, firewall cannot look at TCP header (e.g., port numbers)
  • Why not use ESP with null encryption?
    • Firewall sees ESP header, but does not know whether null encryption is used
    • End systems know, but not firewalls
  • Aside 1: Do firewalls reduce security?
  • Aside 2: Is IPSec compatible with NAT?

Networking Overview 114

why does ah exist 3
Why Does AH Exist? (3)
  • The real reason why AH exists
    • At one IETF meeting “someone from Microsoft gave an impassioned speech about how AH was useless…”
    • “…everyone in the room looked around and said `Hmm. He’s right, and we hate AH also, but if it annoys Microsoft let’s leave it in since we hate Microsoft more than we hate AH.”

Networking Overview 115

  • Will it save us?
    • According to the author: “No!”
  • Even if universally implemented, many problems remain
    • E.g., software (need I say more?)
  • But it is step in the right direction

Networking Overview 116


Networking Overview 117

  • In Greek mythology, Kerberos is 3-headed dog that guards entrance to Hades
    • “Wouldn’t it make more sense to guard the exit?”
  • In security, Kerberos is an authentication system based on symmetric key crypto
    • Originated at MIT
    • Based on work by Needham and Schroeder
    • Relies on a trusted third party (TTP)

Networking Overview 118

motivation for kerberos
Motivation for Kerberos
  • Authentication using public keys
    • N users N key pairs
  • Authentication using symmetric keys
    • N users requires about N2 keys
  • Symmetric key case does not scale!
  • Kerberos based on symmetric keys but only requires N keys for N users
    • But must rely on TTP
    • Advantage is that no PKI is required

Networking Overview 119

kerberos kdc
Kerberos KDC
  • Kerberos Key Distribution Center or KDC
    • Acts as a TTP
    • TTP must not be compromised!
    • KDC shares symmetric key KA with Alice, key KB with Bob, key KC with Carol, etc.
    • Master key KKDC known only to KDC
    • KDC enables authentication and session keys
    • Keys for confidentiality and integrity
    • In practice, the crypto algorithm used is DES

Networking Overview 120

kerberos tickets
Kerberos Tickets
  • KDC issues a ticket containing info needed to access a network resource
  • KDC also issues ticket-granting tickets or TGTs that are used to obtain tickets
  • Each TGT contains
    • Session key
    • User’s ID
    • Expiration time
  • Every TGT is encrypted with KKDC
    • TGT can only be read by the KDC

Networking Overview 121

kerberized login
Kerberized Login
  • Alice enters her password…
  • …then Alice’s workstation
    • Derives KA from Alice’s password
    • Uses KA to get TGT for Alice from the KDC
  • Alice can then use her TGT (credentials) to securely access network resources
  • Plus: Security is transparent to Alice
  • Minus: KDC must be secure  it’s trusted!

Networking Overview 122

kerberized login123
Kerberized Login

Alice wants

  • Key KA derived from Alice’s password
  • KDC creates session key SA
  • Workstation decrypts SA, TGT, forgets KA
  • TGT = E(“Alice”,SA, KKDC)








Networking Overview 123

alice requests ticket to bob
Alice Requests Ticket to Bob

I want to

talk to Bob

  • REQUEST = (TGT, authenticator) where

authenticator = E(timestamp,SA)

  • REPLY = E(“Bob”,KAB,ticket to Bob, SA)
  • ticket to Bob = E(“Alice”,KAB,KB)
  • KDC gets SA from TGT to verify timestamp


Talk to Bob





Networking Overview 124

alice uses ticket to bob
Alice Uses Ticket to Bob
  • ticket to Bob = E(“Alice”,KAB, KB)
  • authenticator = E(timestamp, KAB)
  • Bob decrypts “ticket to Bob” to get KAB which he then uses to verify timestamp

ticket to Bob, authenticator

E(timestamp + 1,KAB)




Networking Overview 125

  • Session key SA used for authentication
  • Can also be used for confidentiality/integrity
  • Timestamps used for mutual authentication
  • Recall that timestamps reduce number of messages
    • Acts like a nonce that is known to both sides
    • Note: time is a security-critical parameter!

Networking Overview 126

kerberos questions
Kerberos Questions
  • When Alice logs in, KDC sends E(SA,TGT,KA)whereTGT = E(“Alice”,SA,KKDC)

Q: Why is TGT encrypted with KA?

A: Extra work and no added security!

  • In Alice’s Kerberized login to Bob, why can Alice remain anonymous?
  • Why is “ticket to Bob” sent to Alice?
  • Where is replay prevention in Kerberos?

Networking Overview 127

kerberos alternatives
Kerberos Alternatives
  • Could have Alice’s workstation remember password and use that for authentication
    • Then no KDC required
    • But hard to protect password on workstation
    • Scaling problem
  • Could have KDC remember session key instead of putting it in a TGT
    • Then no need for TGTs
    • But stateless KDC is big feature of Kerberos

Networking Overview 128

kerberos keys
Kerberos Keys
  • In Kerberos, KA = h(Alice’s password)
  • Could instead generate random KA and
    • Compute Kh = h(Alice’s password)
    • And workstation stores E(KA, Kh)
  • Then KA need not change (on workstation or KDC) when Alice changes her password
  • But E(KA, Kh) subject to password guessing
  • This alternative approach is often used in applications (but not in Kerberos)

Networking Overview 129

kerberos issues
Kerberos Issues?
  • What if…
  • Trudy gets Alice’s “credentials”?
    • No problem!
    • Credentials encrypted with KKDC
  • Trudy breaks into Alice’s machine?
    • Session key SA is cached
    • This breaks authentication

Networking Overview 130

  • TCP/IP very flexible
  • TCP/IP not designed for security
    • Highly hackable
  • SSL, IPSec, etc., help
    • But many problems remain

Networking Overview 131

  • TCP/IP, OSI Ref. Model, Layers, …
  • Protocols: TCP, UDP, IP, ICMP
  • Ports, well-known ports
  • TCP flags/control bits
  • 3-way handshake
  • Unreliable Damn Protocol

Networking Overview 132

  • IP, IP addresses, fragments, etc.
  • ICMP, “plumbing”
  • Routing, NAT, Firewalls
  • Ethernet, hub, switch, MAC address, ARP
  • WLAN and 802.11
  • SSL and IPSec

Networking Overview 133