l8 reviews n.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
L8. Reviews PowerPoint Presentation
Download Presentation
L8. Reviews

Loading in 2 Seconds...

play fullscreen
1 / 27

L8. Reviews - PowerPoint PPT Presentation


  • 142 Views
  • Uploaded on

L8. Reviews. Rocky K. C. Chang, May 2011. Foci of this course. Understand the 3 fundamental cryptographic functions and how they are used in network security. Understand the main elements in securing today ’ s Internet infrastructure. Exposed to some current Internet security problems.

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'L8. Reviews' - knox


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
l8 reviews

L8. Reviews

Rocky K. C. Chang, May 2011

foci of this course
Foci of this course
  • Understand the 3 fundamental cryptographic functions and how they are used in network security.
  • Understand the main elements in securing today’s Internet infrastructure.
  • Exposed to some current Internet security problems.
types of attacks
Types of attacks
  • Passive attacks (eavesdropping), e.g.,
    • ciphertext-only attacks (recognizable plaintext attacks)
      • Fred has seen some ciphertext.
    • known-plaintext attacks
      • Fred has obtained some <plaintext, ciphertext> pairs.
    • chosen-plaintext attacks
      • Fred can choose any plaintext he wants.
  • Active attacks, e.g.,
    • pretend to be someone else (impersonation)
    • introduce new messages in the protocol
    • delete existing messages
    • substituting one message for another
    • replay old messages
slide4

Three cryptographic functions

  • Hash functions: require 0 key
  • Secret key functions: require 1 key
  • Public key functions: require 2 keys
symmetric cryptography
Symmetric cryptography
  • Secret key functions
    • Stream cipher vs block cipher
    • Symmetric cryptography based on substitution (confusion) and diffusion
    • 64-bit DES and 128/192/256-bit AES
  • Secrecy service
    • Encrypting data of any size: cipher block chaining (CBC)
    • Security problems with CBC, e.g., identical and nonidentical ciphertext blocks.
cryptographic hash functions and mac
Cryptographic hash functions and MAC
  • Hash functions
    • 3 properties: pre-image resistance, collision resistance, and mixing transformation
    • The birthday problem and attack
      • k  1.774q, where q is the number of distinct hash outputs
      • The length of a secure hash output ≥ 256 bits
    • Hash function standards (MDx, SHA-x)
    • 2 problems: length extension and partial message collision
  • Message authentication codes
    • A successful attack on MAC
    • CBC-MAC and HMAC
the public key cryptography
The public-key cryptography
  • Prime numbers, modulo a prime
  • A group for the set of numbers modulo a prime p without 0 under multiplication
  • Compute the multiplicative inverse using the extended Euclid algorithm.
  • Generate a large prime number.
    • The Rabin-Miller test determines whether an odd integer is prime.
  • Each party involved in a public-key cryptographic system is one secret and one public “key”.
the diffie hellman dh protocol
The Diffie-Hellman (DH) protocol
  • The DH protocol uses the multiplicative group modulo p, where p is a very large prime.
    • A generator g generates a set of numbers 1, g, g2, …, gt-1 (gt = 1 again).
    • Subgroups (t < p-1) and group (t = p-1)
  • The basic Diffie-Hellman (DH) protocol
    • (g, p) and a random number in (1, 2, …, p-1)
    • The discrete logarithm problem
  • Security problems
    • Using a smaller subgroup ({1}, {1, p-1}) and a safe prime
    • Squares and nonsquares
    • Man in the middle attack
the rsa algorithm
The RSA algorithm
  • In RSA, we perform modulo a composite number n = p  q, where p and q are large primes.
    • Use 2 different exponents e (public) and d (private), such that e  d = 1 mod t, where t = lcm(p – 1, q – 1).
  • To encrypt m, compute c = me mod n; to decrypt c, compute cd mod n = m.
  • To sign m, compute s = m1/e mod n; to verify the signature, compute se = m mod n.
  • Choices of e, p, and q
  • Pitfalls of using RSA, e.g., encrypting a small message, message signing.
authentication
Authentication
  • Network-based, password-based
  • Cryptographic authentication
    • Symmetric and asymmetric
    • Challenge and response
    • Mutual authentication  2 x one-way authentication.
    • Reflection attack and man in the middle attack
  • Principles:
    • One-way: Have the responder influence on what she encrypts or hashes.
    • Have both parties have some influence over the quantity signed.
authenticated key exchange
Authenticated key exchange
  • Authenticated Diffie-Hellman exchange
    • Perfect forward secrecy
  • Allow both sides to agree on the crypto. algorithms and the DH parameters.
  • A partial solution to denial-of service attacks using cookies
  • It is prudent to couple the key exchange with authentication.
slide21
PKI
  • Alice generates her public/private key pair.
    • Keep the private key.
    • Take the public key to the CA, say k
    • The CA has to verify that Alice is who she says she is.
    • The CA then issues a digital statement stating that k belongs to Alice.
  • There will never be a single CA for all or most of all.
    • There are going to be a large number of PKIs.
    • Use different key pairs in different PKIs.
  • Choose between a key server approach and a PKI approach.
ipsec
IPSec
  • Unicast, unidirectional security association at the IP layer
  • Authentication Header and Encapsulation Security Payload
  • Partial solution to the replay attack
  • Tunnel mode and transport mode
  • Encryption without authentication is useless.
  • Outbound and inbound packet processing
ikev 1
IKEv.1
  • IKE phase 1 (ISAKMP association) and phase 2
  • The main mode consists of 3 message pairs.
    • 1st pair: ISAKMP SA negotiation
    • 2nd pair: a D-H exchange and an exchange of nonces
    • 3rd pair: Peer authentication
  • The phase 1 is protected with encryption and authentication.
    • Establish IPSec associations and the necessary keys.
  • A new issue here is hiding the identities of the end points
tls 1 0 ssl 3 0
TLS 1.0/ SSL 3.0
  • Pros and cons of providing security services at the transport layer instead of the IP layer.
  • The TLS Handshake and Record layers.
  • Session states and connection states
    • The session states can be reused to establish a new connection.
  • Server and client authentication
network security is more than the above
Network security is more than the above
  • Wireless security: IEEE 802.11i, RFID, Bluetooth, IP telephony, etc
  • Worms and buffer overflow attacks
  • Denial-of-service and degradation-of-service attacks
  • Data security
  • Covert channel, privacy protection
network security is more than the above1
Network security is more than the above
  • Security policies
  • Operational issues
  • Human issues
  • Vulnerability analysis
  • Auditing
  • Intrusion detection
  • System security
  • Program security
  • etc
slide27

“Security is a chain; it’s only as secure as the weakest link.”“Security is not a product; it itself is a process.”Bruce Schneier