Summer Workshop on Cyber Security Computer Networks Security (Part 2) Dr. Hamed Mohsenian -Rad - PowerPoint PPT Presentation

urielle-salinas
summer workshop on cyber security computer networks security part 2 dr hamed mohsenian rad n.
Skip this Video
Loading SlideShow in 5 Seconds..
Summer Workshop on Cyber Security Computer Networks Security (Part 2) Dr. Hamed Mohsenian -Rad PowerPoint Presentation
Download Presentation
Summer Workshop on Cyber Security Computer Networks Security (Part 2) Dr. Hamed Mohsenian -Rad

play fullscreen
1 / 104
Download Presentation
Summer Workshop on Cyber Security Computer Networks Security (Part 2) Dr. Hamed Mohsenian -Rad
120 Views
Download Presentation

Summer Workshop on Cyber Security Computer Networks Security (Part 2) Dr. Hamed Mohsenian -Rad

- - - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

  1. Summer Workshop on Cyber SecurityComputer Networks Security (Part 2)Dr. HamedMohsenian-Rad University of California at Riverside and Texas Tech University July 14- 18, 2014 Supported by National Science Foundation

  2. Securing Computer Networks • Recall the five layers in computer networks: • Q: In what layer do you think we should apply security tool? Application Transport Network Link Physical Summer Workshop on Cyber Security August 14 - 18 , 2014 – Network Security, Part 3, UCR & TTU

  3. Securing Computer Networks • Recall the five layers in computer networks: • Q: In what layer do you think we should apply security tool? Application We secure everything coming from above. Transport Network Link Physical Summer Workshop on Cyber Security August 14 - 18 , 2014 – Network Security, Part 3, UCR & TTU

  4. Securing Computer Networks • Recall the five layers in computer networks: • Q: In what layer do you think we should apply security tool? Application Transport We secure everything coming from above. Network Link Physical Summer Workshop on Cyber Security August 14 - 18 , 2014 – Network Security, Part 3, UCR & TTU

  5. Security in Application Layer • We design a security module for a specific application: • Different applications may need different security efforts. • Case Study: • Securing Emails • Q: What are the security needs for emails? Summer Workshop on Cyber Security August 14 - 18 , 2014 – Network Security, Part 3, UCR & TTU

  6. . . KS( ) KS( ) + + + - KB(KS ) KB(KS ) KB KB - + KS KS(m) KS(m) m m KS KS . . + - KB( ) KB( ) Secure e-mail: Confidentiality • Alice wants to send confidential e-mail, m, to Bob. Internet • Notations: • KS: A symmetric key • KB: Bob’s public key • KS: Bob’s private key + - Summer Workshop on Cyber Security August 14 - 18 , 2014 – Network Security, Part 3, UCR & TTU

  7. . . KS( ) KS( ) + + + - KB(KS ) KB(KS ) KB KB - + KS KS(m) KS(m) m m KS KS . . + - KB( ) KB( ) Secure e-mail: Confidentiality • Alice wants to send confidential e-mail, m, to Bob. Internet • Alice: • Generates a random symmetric key KS • Encrypts message with KS • Also encrypts KS with Bobs public key • Sends both KS(m) and KB(KS) to Bob Summer Workshop on Cyber Security August 14 - 18 , 2014 – Network Security, Part 3, UCR & TTU

  8. . . KS( ) KS( ) + + + - KB(KS ) KB(KS ) KB KB - + KS KS(m) KS(m) m m KS KS . . + - KB( ) KB( ) Secure e-mail: Confidentiality • Alice wants to send confidential e-mail, m, to Bob. Internet • Bob: • Uses his private key to decrypt and recover KS • Uses KS to decrypt KS(m) to recover m Summer Workshop on Cyber Security August 14 - 18 , 2014 – Network Security, Part 3, UCR & TTU

  9. + - KA KA - + . . + - KA( ) KA( ) . . - - KA(H(m)) KA(H(m)) H(m ) m H( ) H( ) compare Internet m H(m ) m Secure e-mail: Authentication • Alice wants to provide sender authentication message integrity • Alice digitally signs message • Sends both message and digital signature Summer Workshop on Cyber Security August 14 - 18 , 2014 – Network Security, Part 3, UCR & TTU

  10. . KS( ) + - + KB(KS ) KB KA + + KS m . - KA( ) . - KA(H(m)) H( ) m Internet KS . + KB( ) Secure e-mail: Authentication • Alice wants to provide both secrecy and authentication. Alice uses three keys: her private key, Bob’s public key, newly created symmetric key Summer Workshop on Cyber Security August 14 - 18 , 2014 – Network Security, Part 3, UCR & TTU

  11. . KS( ) + - + KB(KS ) KB KA + + KS m . - KA( ) . - KA(H(m)) H( ) m Internet KS . + KB( ) Secure e-mail: Authentication • Alice wants to provide both secrecy and authentication. Q: What are the steps on the Bob’s side? Summer Workshop on Cyber Security August 14 - 18 , 2014 – Network Security, Part 3, UCR & TTU

  12. Secure e-mail: Example • PGP (Pretty Good Privacy) Protocol -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Bob: Can I see you tonight? Passionately yours, Alice -----BEGIN PGP SIGNATURE----- Version: PGP for Personal Privacy 5.0 Charset: noconv yhHJRHhGJGhgg/12EpJ+lo8gE4vB3mqJhFEvZP9t6n7G6m5Gw2 -----END PGP SIGNATURE----- m - KA(H(m)) Summer Workshop on Cyber Security August 14 - 18 , 2014 – Network Security, Part 3, UCR & TTU

  13. Secure e-mail: Example • PGP (Pretty Good Privacy) Protocol -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Bob: Can I see you tonight? Passionately yours, Alice -----BEGIN PGP SIGNATURE----- Version: PGP for Personal Privacy 5.0 Charset: noconv yhHJRHhGJGhgg/12EpJ+lo8gE4vB3mqJhFEvZP9t6n7G6m5Gw2 -----END PGP SIGNATURE----- m - KA(H(m)) -----BEGIN PGP MESSAGE----- Version: PGP for Personal Privacy 5.0 u2R4d+/jKmn8Bc5+hgDsqAewsDfrGdszX68liKm5F6Gc4sDfcXyt RfdSlOjuHgbcfDssWe7/K=lKhnMikLo0+l/BvcX4t==Ujk9PbcD4 Thdf2awQfgHbnmKlok8iy6gThlp -----END PGP MESSAGE + KB (…) Summer Workshop on Cyber Security August 14 - 18 , 2014 – Network Security, Part 3, UCR & TTU

  14. Security in Transport Layer • This is not application-specific. • Case Study: • SSL: Secure Sockets Layer • Transport Later Security to TCP-based apps. We secure everything coming from above. Application Transport Network Link Physical Summer Workshop on Cyber Security August 14 - 18 , 2014 – Network Security, Part 3, UCR & TTU

  15. SSL: Secure Sockets Layer • Widely deployed protocol • Supported by almost all browsers, web servers • HTTPS • First Implementation: • Netscape • Provides • Confidentiality • Data Integrity • Authentication • Original goals: • Web e-commerce transactions • Encryption (especially credit-card numbers) • Web-server authentication • Optional client authentication • Available to all TCP apps • Secure socket interface Summer Workshop on Cyber Security August 14 - 18 , 2014 – Network Security, Part 3, UCR & TTU

  16. SSL Example – Online Purchase • Confidentiality: Credit Card Information • Data Integrity: Altering Your order (e.g., address) • Server Authentication: Fake Amazon Website! Summer Workshop on Cyber Security August 14 - 18 , 2014 – Network Security, Part 3, UCR & TTU

  17. Application Application SSL TCP TCP IP IP normal application application with SSL SSL and TCP/IP • SSL provides application programming interface (API) to application developers to use “secure sockets”. • C and Java SSL libraries/classes readily available Summer Workshop on Cyber Security August 14 - 18 , 2014 – Network Security, Part 3, UCR & TTU

  18. . KS( ) + + - KB(KS ) KB KA + + . - KA( ) . - KA(H(m)) H( ) . + KB( ) SSL Approach: Something Like PGP KS m m Internet KS • But want to send byte streams & interactive data(Q: Why?) • Want set of secret keys for entire connection • Want certificate exchange as part of protocol: handshake phase Summer Workshop on Cyber Security August 14 - 18 , 2014 – Network Security, Part 3, UCR & TTU

  19. SSL Lifetime • Handshake:Alice and Bob use their certificates, private keys to authenticate each other. • Now, they can exchange shared secret • Key Derivation: Alice and Bob use shared secret to derive set of [symmetric] keys. • Data Transfer:Exchange encrypted byte streams. • Connection Closure: special messages to securely close connection (Q: Why securely?) Summer Workshop on Cyber Security August 14 - 18 , 2014 – Network Security, Part 3, UCR & TTU

  20. SSL: A Simple Handshake SSL hello public key certificate KB+(MS) = EMS KB-(EMS) MS: Master Secret EMS: Encrypted Master Secret To Generate Symmetric Keys [ More details on handshake coming soon! ] Summer Workshop on Cyber Security August 14 - 18 , 2014 – Network Security, Part 3, UCR & TTU

  21. SSL: Key Derivation • Generate and use different keys for • Message Authentication Code (MAC) • Data Encryption • Using Key Derivation Function (KDF) and Master Key (MS), Bob and Alice generate four different keys: • KB = Encryption key for data sent from Bob to Alice • MB = MAC key for data sent from Bob to Alice • KA = Encryption key for data sent from Alice to Bob • MA = MAC key for data sent from Alice to Bob Summer Workshop on Cyber Security August 14 - 18 , 2014 – Network Security, Part 3, UCR & TTU

  22. SSL: Data Records • Break down the byte stream into series of records • Each record carries a separate MAC • Receiver can act on each record as it arrives • E.g., separate message identification in instant messaging • Issue: Receiver needs to distinguish MAC from data • Want to use variable-length records  Indicate Data Length length data MAC Summer Workshop on Cyber Security August 14 - 18 , 2014 – Network Security, Part 3, UCR & TTU

  23. SSL: Sequence Numbers • Problem: attacker can capture and replay record or re-order records – Is it a new message? Summer Workshop on Cyber Security August 14 - 18 , 2014 – Network Security, Part 3, UCR & TTU

  24. SSL: Sequence Numbers • Problem: attacker can capture and replay record or re-order records – Is it a new message? • Solution: put sequence number into MAC: • MAC = MAC(Mx, sequence||data) • Note: no separate sequence number field (Unlike TCP) Summer Workshop on Cyber Security August 14 - 18 , 2014 – Network Security, Part 3, UCR & TTU

  25. SSL: Sequence Numbers • Problem: attacker can capture and replay record or re-order records – Is it a new message? • Solution: put sequence number into MAC: • MAC = MAC(Mx, sequence||data) • Note: no separate sequence number field (Unlike TCP) • Problem: attacker could replay all records • Solution: use nonce (a number used once in a life-time) Summer Workshop on Cyber Security August 14 - 18 , 2014 – Network Security, Part 3, UCR & TTU

  26. SSL: Control Information • Problem: truncation attack: • Attacker forges TCP connection close segment • One or both sides think there is less data than actually is. • Solution: record types, with one type for closure • Type 0 for data; Type 1 for closure • MAC = MAC(Mx, sequence||type||data) data length type MAC Summer Workshop on Cyber Security August 14 - 18 , 2014 – Network Security, Part 3, UCR & TTU

  27. hello certificate, nonce KB+(MS) = EMS type 0, seq 1, data type 0, seq 2, data type 0, seq 1, data type 0, seq 3, data type 1, seq 4, close type 1, seq 2, close SSL: Summary bob.com encrypted Summer Workshop on Cyber Security August 14 - 18 , 2014 – Network Security, Part 3, UCR & TTU

  28. SSL: We Are Not Done Yet! • How long are fields?  Standard • Which encryption protocols? • Want negotiation? • Allow Bob (client) and Alice (server) to support different encryption algorithms • Allow Bob (client) and Alice (server) to choose together specific algorithm before data transfer. Summer Workshop on Cyber Security August 14 - 18 , 2014 – Network Security, Part 3, UCR & TTU

  29. SSL Encryption Protocol Selection • Cipher Suite • Public-key algorithm • Symmetric encryption algorithm • MAC algorithm • SSL supports many cipher suites • DES – Data Encryption Standard: block • 3DES – Triple strength: block • RC2 – Rivest Cipher 2: block • RC4 – Rivest Cipher 4: stream Summer Workshop on Cyber Security August 14 - 18 , 2014 – Network Security, Part 3, UCR & TTU

  30. SSL: Handshake Details Purpose • Server authentication • Negotiation: agree on crypto algorithms • Establish keys • Client authentication (optional) Summer Workshop on Cyber Security August 14 - 18 , 2014 – Network Security, Part 3, UCR & TTU

  31. SSL: Handshake Details • Client sends list of algorithms it supports • Along with client nonce • Server chooses algorithms from list; sends back: choice + public key certificate + server nonce Summer Workshop on Cyber Security August 14 - 18 , 2014 – Network Security, Part 3, UCR & TTU

  32. SSL: Handshake Details • Client • Verifies server’s public key certificate with a CA • Generatesmaster_secret, • Encrypts it using server’s public key • Sends the encryption result back to the server • Using its private key, the server obtains master_secret. Summer Workshop on Cyber Security August 14 - 18 , 2014 – Network Security, Part 3, UCR & TTU

  33. SSL: Handshake Details • Client and server use • master_secret • Nonces to independently compute: • Encryption • MAC keys Summer Workshop on Cyber Security August 14 - 18 , 2014 – Network Security, Part 3, UCR & TTU

  34. SSL: Handshake Details • Client sends a MAC in all the handshake messages • Server sends a MAC in all the handshake messages Summer Workshop on Cyber Security August 14 - 18 , 2014 – Network Security, Part 3, UCR & TTU

  35. SSL Programming • SSL programming tutorial: • http://h71000.www7.hp.com/doc/83final/ba554_90007/ch04s03.html Summer Workshop on Cyber Security August 14 - 18 , 2014 – Network Security, Part 3, UCR & TTU

  36. Security in Network Layer • This is not application-specific. • Case Study: • IPSec: Internet Protocol (IP) Security Protocol • VPN: Virtual Private Networks (Using IPSec) Application We secure everything coming from above. Transport Network Link Physical Summer Workshop on Cyber Security August 14 - 18 , 2014 – Network Security, Part 3, UCR & TTU

  37. What is Network-layer Confidentiality? Between two network entities: • Sending entity encrypts datagram (Q: why?) payload. • Payload could be: • TCP or UDP segment, ICMP message, ... • Indifferent to the content: • Web pages, e-mail, P2P file transfers, TCP SYN packets … • “Blanket Coverage” Summer Workshop on Cyber Security August 14 - 18 , 2014 – Network Security, Part 3, UCR & TTU

  38. Virtual Private Networks (VPNs) Motivation: • Institutions often want private networks for security. • Cost: Separate routers, links, DNS infrastructure. • Feasibility: Members are not always physically co-located. • VPN: Inter-office traffic is sent over public Internet, but • Encrypted before entering public Internet • Logically separated from other traffic Summer Workshop on Cyber Security August 14 - 18 , 2014 – Network Security, Part 3, UCR & TTU

  39. IP header IP header IP header IPsec header IPsec header IPsec header Secure payload Secure payload Secure payload IP header IP header payload payload Virtual Private Networks (VPNs) Laptop w/ IPsec publicInternet Salespersonin a Hotel Router w/ IPv4 and IPsec Router w/ IPv4 and IPsec Branch Office Headquarters Summer Workshop on Cyber Security August 14 - 18 , 2014 – Network Security, Part 3, UCR & TTU

  40. IP header IP header IP header IPsec header IPsec header IPsec header Secure payload Secure payload Secure payload IP header IP header payload payload Virtual Private Networks (VPNs) Laptop w/ IPsec publicInternet Salespersonin a Hotel Router w/ IPv4 and IPsec Router w/ IPv4 and IPsec No Need for IPsec Branch Office Headquarters Summer Workshop on Cyber Security August 14 - 18 , 2014 – Network Security, Part 3, UCR & TTU

  41. IP header IP header IP header IPsec header IPsec header IPsec header Secure payload Secure payload Secure payload IP header IP header payload payload Virtual Private Networks (VPNs) Laptop w/ IPsec publicInternet Salespersonin a Hotel Router w/ IPv4 and IPsec Router w/ IPv4 and IPsec Must Use IPsec Branch Office Headquarters Summer Workshop on Cyber Security August 14 - 18 , 2014 – Network Security, Part 3, UCR & TTU

  42. IPsec Services • Data integrity • Origin authentication • Replay attack prevention (Sliding Window) • Confidentiality • Two protocols to send and receive secure datagrams: • Authentication Header (AH) • Encapsulated Security Payload (ESP) Summer Workshop on Cyber Security August 14 - 18 , 2014 – Network Security, Part 3, UCR & TTU

  43. IPsec Services • Authentication Header (AH) • Source Authentication • Data Integrity • Encapsulated Security Payload (ESP) • Source Authentication • Data Integrity • Confidentiality Summer Workshop on Cyber Security August 14 - 18 , 2014 – Network Security, Part 3, UCR & TTU

  44. IPsec Services • Authentication Header (AH) • Source Authentication • Data Integrity • Encapsulated Security Payload (ESP) • Source Authentication • Data Integrity • Confidentiality Critical Summer Workshop on Cyber Security August 14 - 18 , 2014 – Network Security, Part 3, UCR & TTU

  45. IPsec Services • Authentication Header (AH) • Source Authentication • Data Integrity • Encapsulated Security Payload (ESP) • Source Authentication • Data Integrity • Confidentiality More Popular (Our Focus) Summer Workshop on Cyber Security August 14 - 18 , 2014 – Network Security, Part 3, UCR & TTU

  46. IPsec – Tunneling Mode IPsec IPsec IPsec IPsec • Hosts IPsec-aware • Edge routers IPsec-aware Tunnel Mode Host Mode Summer Workshop on Cyber Security August 14 - 18 , 2014 – Network Security, Part 3, UCR & TTU

  47. Security Associations (SAs) • In ESP, before sending data, a “security association (SA)”is established from sending to receiving entity • Receiving entitles maintain state information about SA • SA is opened • SA is closed • Details: How many SAs in VPN w/ headquarters, branch office, and n traveling salespeople? Summer Workshop on Cyber Security August 14 - 18 , 2014 – Network Security, Part 3, UCR & TTU

  48. Example SA from R1 to R2 Internet headquarters branch office 200.168.1.100 193.68.2.23 security association R1 R2 172.16.1/24 172.16.2/24 Summer Workshop on Cyber Security August 14 - 18 , 2014 – Network Security, Part 3, UCR & TTU

  49. Example SA from R1 to R2 Internet headquarters branch office 200.168.1.100 193.68.2.23 security association R1 R2 172.16.1/24 172.16.2/24 Initiating Router Summer Workshop on Cyber Security August 14 - 18 , 2014 – Network Security, Part 3, UCR & TTU

  50. Example SA from R1 to R2 Internet headquarters branch office 200.168.1.100 193.68.2.23 security association R1 R2 172.16.1/24 172.16.2/24 Receiving Router Summer Workshop on Cyber Security August 14 - 18 , 2014 – Network Security, Part 3, UCR & TTU