Information SecurityInternet, Intranet, Extranet Prof. dr. P.M.E. De Bra Department of Computing Science Eindhoven University of Technology
Parts / Topics / Issues • Basics of Internet technology / Organization • Application of encryption in networks • Principles of Firewalls / Virtual Private Networks. • Financial transactions over Internet • Basics of World Wide Web technology • Server-side security issues • Client-side security issues • Accessing databases through the Web
What is Internet? • A network of networks based on the TCP/IP protocols. • A community of people who use and develop those networks. • A collection of resources that can be reached from those networks. Internet standards are defined in RFCs. Informal definition of Internet is rfc 1462: http://www.normos.org/ietf/rfc/rfc1462.txt
Layered Internet protocols • Hardware-level protocol (wire without protocol, ethernet protocol, X.25, ATM, ...). • IP (lowest level Internet Protocol). • TCP, UDP, ICMP: TCP is used most, provides reliable connections. • SMTP, FTP, Telnet, ...: Application-level protocols (mostly on top of TCP/IP). We look at 1) TCP, 2) IP, 3) UDP and ICMP, 4) Application-level protocols, 5) Ethernet
Internet Basics: Addressing • Every computer has a 32 bit (4 octet) address: e.g. 22.214.171.124. Addresses reveal something about the associated network: • First octet 1..126: A networks, very large. (Arpanet is one of these 126 networks.) • First two octets 128.1 .. 191.254: B networks, maximum of 64516 computers in each network. • First three octets 192.1.1 .. 223.254.254: C networks, maximum of 254 computers in each. • Addresses above 224.1.1 are reserved for the future, for still undefined D and E networks.
Internet Basics: Addressing • Some addresses are never used. They can be used behind firewalls on company Intranets: • 10.0.0.0 to 10.255.255.255 can be used for an A class Intranet. • 172.16.0.0 to 172.16.255.255 can be used for a B class Intranet. • 192.168.0.0 to 192.168.255.255 can be used for C class Intranets. • First octet 127 is not used on Internet or Intranets. (127.0.0.1 is the “loopback” on every machine.)
Internet Basics: TCP protocol • Provides connections of connectionless IP protocol, through the use of ports. • A connection is defined by a source and destination IP address and a source and destination port. (A TCP header contains ports, the IP header the IP addresses.) • “Standard” servers “listen” to predefined (privileged) ports, with numbers below 1024. • Clients use unprivileged ports. • One computer can have many simultaneous connections to many other computers. All connections between a pair of computers must use different source or destination port numbers.
Internet Basics: TCP protocol • Data to be transmitted is divided in (a sequence of) datagrams. • TCP software on both ends says how large a datagram may be. The smaller size is chosen. Each datagram consists of a header and data. • Each datagram gets a sequence number. Each received datagram is acknowledged by returning a datagram with an acknowledgement number. • The acknowledgement contains a window size, indicating how many datagrams may be sent before the sender has to stop. • Every datagram gets a checksum to verify that the contents has arrived correctly.
Internet Basics: IP • IP sends datagrams from a source IP address to a destination IP address. (It may also split the datagram when needed.) • Each datagram contains an IP header, with a checksum (of the header only). • The header contains a protocol (code) to indicate whether it is a TCP, UDP or ICMP datagram. • Each datagram is routed separately. • Some datagrams may arrive faster than others. • Some datagrams may be lost. Each header has a time to live to indicate how much longer (number of hops) the datagram may live.
Internet Basics: Routing • Routing is the task of finding how to get a datagram to its destination. • Each machine can send datagrams directly to some other machines on a local network. • Each machine knows a gateway machine it can send datagrams to. • A gateway has connections to a number of networks and maintains a routing table of which connection to use for which destination. • A gateway can respond to a request with “I’m not the best gateway for this destination”.
Internet Basics: Domain Names • Most applications and users use domain names instead of IP numbers. A redundant hierarchy of name servers provides translation of names to numbers. • Name to reach: pcnov290.win.tue.nl • Ask a root server for an nl server. • Ask a server for the nl domain for a tue server. • Ask a server for the tue domain for a win server. • Ask a server for the win domain for the address of pcnov290.
Internet Basics: UDP and ICMP • UDP: User Datagram Protocol • Provides port numbers like TCP. • Provides a checksum for header + data. • Does not split data into separate datagrams. • Does not put sequences of datagrams together. • Does not keep track of lost datagrams, for retransmission. • ICMP: Internet Control Message Protocol • Used for messages (that fit into a single datagram). • Interpreted by IP itself. There are no port numbers.
Application level Protocols • Many TCP/IP protocols are text-based so that humans can easily interpret them: Example: Mail dialog between client and server svis01: 220 svis01.win.tue.nl ESMTP Sendmail 8.8.7/1.45 ready at Fri, 5 Feb 1999 23:28:31 +0100 (MET) pcnov290: HELO pcnov290.win.tue.nl svis01: 250 svis01.win.tue.nl Hello pcnov290 [126.96.36.199], pleased to meet you pcnov290: MAIL From: firstname.lastname@example.org svis01: 250 email@example.com... Sender ok ...
Application level Protocols • Telnet: allows to log in on any other computer on the network (on which you have an account). It requires an interactive login. (Username and Password are transmitted without encryption.) • Rlogin: allows to remote log in as a specific user. It is possible to log in without password, based on domain name. (Insecure). • Ssh: “secure shell”, allows remote log in, using encrypted channel, with or without password. (public/private keys used between computers.)
Application level Protocols • Ftp: File Transfer Protocol. Used in anonymous mode to access public file servers, and with passwords to copy to and from machines. Ftp uses separate “channel” for commands and for data transfer. • Rcp: Remote copy, allowed based on domain name / user name combination. Insecure. • Scp: Secure copy, allowed based on domain name / user name combination and public/private key encryption. Uses encrypted channel to avoid snooping.
Application level Protocols • SMTP: Simple Mail Transfer Protocol • NNTP: Network News Transfer Protocol • RPC: There are different varieties of protocols for remote execution. (Remote shell, remote procedure call, etc.) • NFS: Network File System. Introduced by Sun Microsystems. Uses UDP, not TCP. • Remote Printing • ...
Ethernet • Each ethernet board has a unique 48 bit address. (16 bits are assigned to a vendor, 32 bits can be used by the vendor). • Every ethernet packet contains a source address and destination address. • Every ethernet packet contains a checksum at the end. • Ethernet interfaces automatically listen to packets with their address as destination. It is possible to cheat (to listen to everything).
Ethernet • An ARP request is used to find out which ethernet address corresponds to an IP number. • ARP is needed to talk to Internet hosts on the local ethernet. • (Local) ethernet routers can block packets that originate from machines with an unknown ethernet address. (It is easier to pretend to have a different IP number than to pretend to have a different ethernet number.)
Internet security: Issues • How to achieve secure (secret and reliable) communication over an insecure network. (Which encryption techniques fit which purpose.) • How to prevent unauthorized access to services while allowing authorized access to other services. • How to isolate a company network from Internet, while allowing the use of Internet by computers in the company.
Internet communication threats • Snooping: Any computer on Internet can intercept passing datagrams. One can easily filter out the data belonging to a single connection.
Internet communication threats • Spoofing: A computer can pretend to be another one (by using the other’s IP number) and thus steal its traffic.
Internet communication threats • Spoofing:Man in the middle variation Spoofing machine talks to the “real” owner of IP number, to pass on corrupted data.
Secure communication • Four requirements: • Confidentiality: others cannot eavesdrop on an information exchange. • Integrity: the messages cannot be tampered with (without that being detected). • Authenticity: the identity of the sender of a message can be verified (through a digital signature). • Non-Repudiability: there must be a record of the information exchange so that sender and receiver cannot deny that the exchange took place.
Encryption Techniques • Secret key encryption: Two parties exchanging information need to know the same secret key. It is used for encryption and decryption of a message. • Public key encryption: Two keys work together: a public and a private key. A message encrypted with either key can be decrypted with the other key. One key is published, the other is kept secret.
Encryption Standards • DES: Data Encryption Standard, developed by IBM. (certified by NIST as FIPS 46-1, and also known as ANSI standard X9.32) • Uses 64-bit block size and 56-bit key (plus 8 parity bits). • Symmetric cryptosystem, built around a 16 round Feistel cipher. • Originally designed for implementation in hardware. • Not approved for export outside the USA. • DES can be broken, at considerable cost.
Encryption Standards • Triple-DES: Variation of DES where each message is encrypted three times. There are three variations: • DES-EEE3: three DES encryptions with three different keys. • DES-EDE3: encrypt, decrypt, encrypt with three different keys. • DES-EEE2 and DES-EDE2: same as before but the first and third operations use the same key. Multiple encryption does not necessarily make encryption harder to break.
Encryption Standards • RC2: variable key-size block cipher (designed by Ron Rivest, leading to the name “Ron’s Code” or “Rivest Cipher”.) • Symmetric cryptosystem. • Can be made more secure or less secure by using different key sizes. • Uses a block size of 64 bits. • Twice as fast as DES. • Approved for US export with 40-bit key.
Encryption Standards • RC4: variable key-size stream cipher with byte-oriented operations. • Symmetric cryptosystem. • Can be made more secure or less secure by using different key sizes. • Can be implemented efficiently. • Approved for US export with 40-bit keys. • RC5: variable block-size, variable key-size, variable number of rounds. (Patent by RSA) • Symmetric cryptosystem. • Can be implemented efficiently.
Encryption Standards • IDEA: (International Data Encryption Algorithm) is a 64 bit iterative block cipher with a 128 bit key. • Symmetric cryptosystem. • Can be implemented efficiently in hardware and software. • Widely published about, and thus not subject to export restrictions.
Encryption Standards • RSA: public-key cryptosystem. Used for encryption and for digital signatures: • Asymmetric cryptosystem. Uses pairs of keys, one public, one private. • At least 100 times slower than DES, thus not suitable for encrypting large messages or data streams.
Encryption Standards • Practical use of RSA (or other public-key cryptosystems): supposes A wishes to send a secret, signed message to B. 1. A applies a hash function to the message to create a message digest, a digital fingerprint of the message. 2. A encrypts the digest with her private key. 3. A encrypts the message and digest with B’s public key and sends that to B. 4. B decrypts the message and digest with B’s private key. 5. B decrypts the digest with A’s public key. 6. B performs the hash function on the message and compares it to the digest.
Secure Hash Functions • SHA: Secure Hash Algorithm (NIST FIPS PUB 180) produces a 160-bit message digest. • MD2: Hash algorithm for 8 bit machines. • MD4, MD5: Hash algorithms for 32 bit machines. They produce a 64-bit message digest.
Secure Sockets Layer • Introduced by Netscape Communication to enable secure communication between a Web browser and servers. • Extra layer between application and TCP/IP. • Is application independent. Applications see an (unencrypted) data channel. • Performs • Encryption of communication. • Server validation. • Optional client validation.
Secure Sockets Layer • Supported encryption techniques: • RC2: • RC4: • IDEA: • DES: • Triple-DES: • Supported message digest technique: • MD5
Secure Sockets Layer 1. Client opens a channel to the server. 2. Server sends its certificate and cipher preferences. 3. Client generates a master key, encrypts it with the server’s public key, and sends it to the server. 4. Server decrypts the master key, and authenticates itself by returning a message to the client, encrypted using the master key. 5. The server may send a challenge to the client. 6. The client authenticates itself by returning the client’s digital signature on the challenge and its public key certificate.
Encryption at the IP level • S/WAN (Secure Wide Area Network) promotes the deployment of Internet-based Virtual Private Networks (VPNs). • Standard specification for implementing IPsec. • Possibly lower level security than SSL. • S/WAN uses RC5 encryption with keys ranging from 40 to 128 bits. • Protocol formats for Authentication Header and Encapsulating Security Payload are independent of cryptographic algorithm. • Host-to-host, subnet-to-subnet and host-to-subnet secure communication.
Secure Shell • Protocol for secure remote access from one computer to another. • Can be used for secure login on a server, or for setting up a virtual private network. • Ssh can be configured to forward X11 connections over the encrypted “tunnel”. • Other TCP/IP connections can also be tunneled through ssh to the server to give secure access to mail, web, file systems, ftp, etc. • info: http://www.ssh.fi/
Kerberos • Authentication service, part of Project Athena at MIT. • Uses secret key encryption (originally DES). • Designed to authenticate requests for network resources, not authorship of documents. • A server performs centralized key management. It contains the secret keys for all users. This creates a single point of failure. • Considered adequate for local networks or networks within one administrative domain.
PGP: Pretty Good Privacy • Software package that provides cryptographic routines for e-mail and file storage. • Provides message encryption, digital signatures, data compression and e-mail compatibility. • RSA and Diffie Hellman for key transport. • CAST and Triple-DES for message encryption. • RSA or DSA for signing. (export restrictions!) • MD5, RIPEMD-160 or SHA-1 for computing message digests. • Compression through the ZIP program.
S/MIME • Secure/Multipurpose Internet Mail Extensions. • Adds digital signatures and encryption to MIME. • (MIME standards, see rfc1521 and rfc822) • Endorsed by many messaging vendors, including Microsoft, Lotus, Wollongong, Banyan, NCD, VeriSign, Netscape and Novell. • Uses hierarchies of trusted third parties to verify the authenticity of the keys provided by users (or servers). • Secret key algorithms DES, Triple-DES, RC2. • Private key algorithm: RSA.
Host (or Subnet) Security • Any technical solution for security must be used as a means of implementing a chosen security policy: • What are we protecting? • How important is it? • How likely is it that it will be attacked? • What should happen if an attack is successful? • What is permitted, by whom and for what purpose? • What Internet connectivity is needed from the host or subnet?
Firewalls: background • A firewall provides security for an Intranet by controlling what and how can be communicated with Internet. Firewalls cannot protect against: • Attacks that do not go through the firewall (hand carried tapes/disks, modem connections). • Data-driven attacks: something (malicious) is uploaded or copied through a legitimate channel, and then executed. • Denial of service attacks that overload the data connection between Intranet and Internet.
Firewall architectures • Approaches: • packet filtering: allow only datagrams with certain properties to pass. • proxy services: application-level gateways that forward datagrams and hide the Intranet. • Architectures: • dual-homed host: one host with two network interfaces, one for Intranet, one for Internet. • screened host: packet filter combined with bastion host providing gateway/proxy services. • screened subnet: trusted/untrusted subnets.
Packet filtering (screening router) • Selectively blocks or lets through packets between the Intranet and Internet, based on: • Source IP address • Destination IP address • Protocol (TCP, UDP) • Source port • Destination port • For each combination one can configure the filter to allow or deny all values, certain ranges, or single values.
Proxy Services • Specialized services (application-level gateways) take a request from an Intranet computer and forward it to Internet. • Proxies are most useful when Intranet computers can only reach Internet through the proxy. • Many applications can be configured to use proxies. SOCKS is a proxy construction toolkit used to modify clients for proxy operation. • To the Internet hosts all Intranet requests appear to come from the proxy server. A proxy is sometimes used to hide where a request came from.
Dual-Homed (Bastion) Hosts • Requires a host with two network interfaces. • High level of control, but possibly also a high workload on the bastion host. • All traffic must pass through the bastion host. • The bastion host offers proxy services. • The IP addresses of the Intranet computers are invisible on Internet. Special ranges are reserved for this: 10.x, 172.16 and 192.168. • The bastion host should off as few services as possible. It should not have user accounts.