1 / 22

Intro To Secure Comm. Exercise 7

Intro To Secure Comm. Exercise 7. Solution (review of last lesson). Assuming CEO1:10.0.0.1 CEO2:11.0.0.1 Use both transport mode and tunnel mode IPSec. First use Transport mode IPSec CEO1 SP : To CEO2 -> Encrypt Transport Mode CEO2 SP : To CEO1 -> Encrypt Transport Mode.

hasad-barnett
Download Presentation

Intro To Secure Comm. Exercise 7

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Intro To Secure Comm.Exercise 7

  2. Solution (review of last lesson) • Assuming • CEO1:10.0.0.1 • CEO2:11.0.0.1 • Use both transport mode and tunnel mode IPSec. • First use Transport mode IPSec • CEO1 SP : To CEO2 -> Encrypt Transport Mode • CEO2 SP : To CEO1 -> Encrypt Transport Mode

  3. Solution (review of last lesson) • Second, use IPSec tunnel mode between routers such that ALL messages are encrypted using tunnel mode (no differentiation between CEO messages and users’ messages) • This way, messages between CEOs are protected from being noticed from the internet (this is because the messages are designated to the routers) • Inside the network, the messages are still encrypted.

  4. Scenario

  5. Problem • The company enables IPSec in tunnel mode between each branch of the company. • Users are allowed to browse the internet freely. • How can a virus expose information sent from branch A to B?

  6. Solution • By sniffing the network, the virus can sniff packets sent between the branches. • The virus can then send the information to a host located on the internet. • Since the information between the branches is sent on the clear (until it reaches the VPN host) it is easily viewed.

  7. Attack explanation • Say computer A from office A send information to computer B in office B. • The virus sniffs the network and gets a hold of the message. • The virus sends the message using a connection to the internet, to an internet host.

  8. Problem • What if the routers are configured only to allow secured IPSec communication? • i.e. no internet forwarding. • Is the attack viable now?

  9. Solution • YES!!! • Through subliminal channels, the virus can communicate with the sniffer • Through timings • Through length of packets • In conjunction with the SPI field. • Assuming the SPI is different than other programs. • The eavesdropper can then identify the messages from the virus and identify them using timings/length of packets.

  10. Problem (Test Question) • חברה מעונינת להבטיח מספר יישומים קריטיים (משכורות, כח אדם, דו"חות מכירות) מפני תוקף חיצוני או פנימי. ההנחה היא שהתוקף עלול להשתלט על מחשב אחד או מחשבים מעטים, ובפרט מניחים שלא יוכל להשתלט על שרתים (שמאובטחים היטב) אלא רק על תחנות עבודה. מעונינים למנוע מהתוקף, אפילו אם הוא שולט על מחשב אחד שנמצא ברשת מקומית מסוימת, מלחשוף או לשנות הודעות בין מחשבים ברשת שאינם נשלטים על ידיו ובין אחד משרתי היישומים הקריטיים. מוצע להגן ע"י שימוש ב-IP-sec בשיטת ESP ומצב Transport, בין כל תחנת עבודה לבין השרתים שמריצים את אותם שירותים קריטיים. • הראה שפתרון זה עשוי שלא למנוע התקפה, ותוקף ששולט במחשב אחד ברשת עלול להיות מסוגל להתחזות לשרת היישום הקריטי. רמז: שרתים אחרים ברשת, שאינם מריצים את היישומים הקריטיים, אינם מריצים IP-sec.

  11. Solution • The key idea is that only application servers are protected with IPSec. • What about DNS servers? (or any other naming servers) • The following attack may happen • ADV takes control over some computer (a client/DNS) which are not protected. • ADV changes DNS record to point to the controlled computer • By spoofing reply from DNS server • When the application needs to transmit information, it transmits to the wrong IP thus not protecting the data with IPSec. • The application is UNAWARE of it.

  12. From Class • Detection is computationally infeasible… • Identify malicious programs / viruses • Identify programs that erase the disk, etc. • Identify programs that may output programs • Given programs P and Q, was Q output of P? • Prove! (hint: think of computation theory)

  13. Solution • For example, take:Given programs P and Q, was Q output of P • Detection shall be done by analyzing program P run on input I in time t giving output Q’ • Reduction to H{Machine which has the language  i.e. no language} • Reduction steps: • Combine P, I into machine Hpi by integrating input I into the code of P. • Hard code output Q into Hpi • Run P on hard coded I • When stopped, verify Q’=Q. • If Q’!=Q Stop, otherwise loop inifnitely. • Insert Hpi into machine H. • If says YES, then Hpi never stops, thus output NO. • Otherwise output YES

  14. Solution • From reduction we can clearly see that when the machine doesn’t stop on the output or the output is not identical, the constructed machine will never stop. • Since H isundecidable… thus can’t decide weather Q output of P

  15. C A Boot ?? src:B dest:A payload B Encrypted! From lecture • Assume the following network

  16. Problem • Compare the use of SSL, IPSec and link level security.

  17. Solution • SSL is NOT a good solution. • SSL secures the transport layer • SSL is used for connection oriented applications. • Applications must be aware of SSL. • Some applications DO NOT work with SSL (ftp, telnet, …)

  18. Solution • Link Layer • Good only for small networks • Good only for bridged networks • Not good for networks which consist of routers, i.e. internet • Thus, network size is restricted • IPSec • Good for many types of applications. • Applications are unaware of IPSec • IPSec secures both connection oriented/connectionless applications • Not bounded by network size/topology

  19. Problem • Which IPSec modes should we use? • What headers should we use?

  20. Solution • Transport mode may be suitable if we use one device per computer. • Easier to implement • No need for additional IP addresses. • Using AH may be suitable since we need authentication between device and PC. • We want protection for the header.

  21. Problem • Suppose the solution is for a large corporate network and the device has very small memory capacity • how can the master device use different shared key with each computer's device • avoid PK (why?)

  22. Solution • Avoid PK because of computational cost (the device has limited memory and/or CPU) • Use PRF with master key stores in a master device (a KDC like solution) • Good solution for an attacker that can extract the keys from SOME of the devices, i.e. derive keys for certain devices. • In case we assume attacker can’t extract any keys, use one symmetric key for all the devices. (a very strong assumption)

More Related