1 / 66

Distributed Operating Systems CS551

This lecture covers topics related to distributed security, including cryptography, authentication, and access controls such as firewalls. It discusses encryption algorithms, private and public keys, symmetric and asymmetric encryption, and key exchange methods.

bsylvia
Download Presentation

Distributed Operating Systems CS551

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Distributed Operating SystemsCS551 Colorado State University at Lockheed-Martin Lecture 9 -- Spring 2001

  2. CS551: Lecture 9 • Topics • Distributed Security (Chapter 11) • Cryptography & Digital Signatures • Authentication • Access Controls (Firewalls) • Other Algorithms CS-551, Lecture 9

  3. Terms • Computer security: “frequently consists of two parts: authentication and access control” • Authentication: “involves the verification and identification of a valid user” • Access control: “strives to prevent unwanted tampering with data files and system resources” CS-551, Lecture 9

  4. Terms, continued • Encryption: “encoding data using a key in such a manner that an eavesdropper cannot easily read the data” • Plaintext: “ the original data” • Ciphertext: “the encrypted data” • Decryption: “going from ciphertext to plaintext” CS-551, Lecture 9

  5. Terms, concluded • Computationally secure: “An encryption algorithm is computationally secure if the system cannot be broken by systematic analysis with available resources.” • Private key versus public key • Symmetric versus asymmetric encryption CS-551, Lecture 9

  6. Simple Encryption • Cereal box code ring • See Java assignment on encryption • Caesar cipher • Polyalphabetic cipher CS-551, Lecture 9

  7. Figure 11.1 Alice and Bob Use Cryptography. Read I as J in Cypher text CS-551, Lecture 9

  8. Symmetric Encryption • “encryption algorithms where the encryption and the decryption algorithm utilize the same key” • Examples: • Caesar cipher • Polyalphabetic cipher • Key must be private • “Secret-key encryption” • Q: how to communicate the key? • Diffie-Hellman key exchange CS-551, Lecture 9

  9. Figure 11.5  Diffie-Hellman Key exchange. CS-551, Lecture 9

  10. DES: Data Encryption Standard • Popular private key encryption method • US standard (NIST 1977) • Based on IBM’s LUCIFER system • 64-bit key (8 for error detection) • Encrypts data in blocks of 64 bits • 70,000,000,000,000,000 possible keys • Three-phrase encryption and decryption CS-551, Lecture 9

  11. DES Phase 1: Initial Permutation • A permutation of the 64-bit block, changing the order of bits within each block • Each 64-bits broken up into two halves • L0, left half • R0, right half • See DES Permutation Table • E.g. the new first bit was the 58th bit • The new last bit was the 7th bit CS-551, Lecture 9

  12. Table 11.1  DES Initial Permutation [NIST77]. CS-551, Lecture 9

  13. DES Phase 2: Shifting (16 times) • Table-dependent • Each shift uses different subblock of key • Which subblock is used is determined by • another set of tables • its own shifting algorithm • The subscripts of the left and right halves are incremented with each shift CS-551, Lecture 9

  14. DES Phase 3: Inverse Permutation • Similar to Phase 1 • Permutes order of bits within each block • Employs the DES Inverse Permutation table • Generates the final ciphertext • See figure 11.2 CS-551, Lecture 9

  15. Table 11.2 DES Inverse Permutation [NIST77]. CS-551, Lecture 9

  16. Figure 11.2  The Three Phases of DES. CS-551, Lecture 9

  17. Triple DES • Enhanced security • Employs three 64-bit keys • DES is used three times on the data, each time with a different key • E(P, k1) = C1 • E(C1, k2) = C2 • E(C2, k3) = C3(ciphertext) CS-551, Lecture 9

  18. Figure 11.3  Triple DES. CS-551, Lecture 9

  19. Asymmetric Encryption • Involves two keys • A public key, ku • A private key, kr • E(P, ku) = C and D(C, kr) = P OR • E(P, kr) = C and D(C, ku) = P • Do not decrypt ciphertext with same key as encryption key • Mathematically difficult to obtain one key from the other • Example: Diffie-Hellman, 1976 CS-551, Lecture 9

  20. Figure 11.4  Public-Key Cryptography. Output is ???? Does not use Kr Appears to use Ku Where Kr != Ku CS-551, Lecture 9

  21. RSA • By Rivest, Shamir, and Adleman (1978) • A public-key encryption algorithm • Patented • Three phases CS-551, Lecture 9

  22. RSA Phase 1 • Determining public and private keys • Choose two large prime numbers, P and Q • Compute N = P * Q • Compute F(N) = (P – 1) (Q – 1) • Choose e: 1 <= e <= N–1; GCD (e, F(N)) = 1 • Compute d, where ed = 1 (mod F(N)) • Make d and N public as they make up the public key CS-551, Lecture 9

  23. RSA Phases 2 and 3 • Phase 2: Encrypting the message, M • 1 <= M <= N – 1 • C = Me (mod N), ciphertext • Phase 3: Decrypting the ciphertext, C • Cd (mod N) = M, original message CS-551, Lecture 9

  24. RSA Example • Phase 1: • Alice chooses P=5, Q=11 • So, N = P*Q = 55 • F(N) = (P - 1) (Q - 1) = 40 • Choose e = 7 [GCD(40,7) = 1] • Determine D = 23 since 7*23 (mod 40) = 161 (mod 40) = 1 CS-551, Lecture 9

  25. RSA Example, continued • Phase 2 • Send message M = 25 • Compute C = Me (mod N) = 257 (mod 55) = 610,351,625 (mod 55) = 20 (ciphertext) CS-551, Lecture 9

  26. RSA Example, concluded • Phase 3 • C = 20 • Cd (mod N) = M So 2023 (mod 55) = 8388608 *1023 (mod 55) = 25 = M CS-551, Lecture 9

  27. Figure 11.5  Diffie-Hellman Key exchange. CS-551, Lecture 9

  28. Diffie-Hellman Example • Alice and Bob agree to let p=11, a=7 • Alice generates x=5, where 2 <= 5 <= 11-1 • Alice computes ax (mod p) = 75 (mod 11) = 16807 (mod 11) = 10 and sends 10 to Bob • Bob generates y=8, where 2 <= 8 <= 11 • Bob computes ay (mod p) = 78 (mod 11) = 5,764,801 (mod 11) = 9 and sends 9 to Alice • Bob computes (ax)y (mod p) = (75)8 (mod 11) = 75*8 (mod 11) • Alice computes (ay)x (mod p) = (78)5 (mod 11) = 78*5 (mod 11) CS-551, Lecture 9

  29. Digital Signatures with Public-Key Encryption • Employs RSA • May use private key to encrypt • Entire file (expensive) • Just signature • Advantage: no key distribution problems • Recipient may use public key to decrypt and verify origin • Only proper public key will decrypt CS-551, Lecture 9

  30. Authentication • Several steps necessary • First step is verifying identity of user • Three methods • User password • User key • Uniqueness of user (fingerprint, retina pattern) • Note: these methods work on centralized systems as well CS-551, Lecture 9

  31. Authentication in a DS • Concerns: • Eavesdropping • Multiple password management • Replay • Trust • Common solution: certificates CS-551, Lecture 9

  32. Certificates • “a computer-generated, frequently time-valid, authenticated packet of information” • Time-valid => prevents later replay • Can be done with timestamp or nonce • Nonce: “a random value unique for each communication” • Two approaches: • List of certificates, e.g. X.509 • Centralized certificate distribution center CS-551, Lecture 9

  33. Figure 11.6  Certificate List Utilized in Secure RPC. CS-551, Lecture 9

  34. Figure 11.7  Three-Way X.509 Authentication. CS-551, Lecture 9

  35. Figure 11.8  Chaining Certificate Authorities in X.509. CS-551, Lecture 9

  36. Figure 11.9  Kerberos Phase 1 Details. IDT = Ticket Granting Service’s ID IDC = Client’s ID IDS = Server’s ID Ni = Nonce value KC = Client’s private key KS = Application Server’s key KT = Ticket Granting Service’s private key K1 = System Ticket K2 = Service Ticket TS = Starting Time Stamp TE = Ending Time Stamp E(a,K) = Applications on encryption algorithm to a with key K CS-551, Lecture 9

  37. Figure 11.10  Kerberos Phase 2 Details. CS-551, Lecture 9

  38. Figure 11.11 Kerberos Phase 3 Details. CS-551, Lecture 9

  39. Access Control (Firewalls) • Firewall: “should be immune to security threats and prevent all security threats from passing through the wall and to the system(s) it protects” • Categories • Packet-filtering gateways • Proxy services • Both types may be used together CS-551, Lecture 9

  40. Packet Filtering Gateways • “involves a security engineer who must explicitly state what may pass through the wall … what internal information may go out of the firewall as well as what outside locations are allowed … may specify what internal computer services may be shared with the outside world.” • “generally implemented on the router that connects the internal system to the outside world” CS-551, Lecture 9

  41. Firewall Routers • “provide a better user interface” • “easier to configure for security-based filtering” • Uses source/destination IP addresses • Checks IP addresses against table of rules CS-551, Lecture 9

  42. Proxy Servers • “represents an internal client’s services to the outside world” • Two basic types • Application-level gateway proxy services • Circuit-level proxy services CS-551, Lecture 9

  43. Application-level gateways • Bastion hosts • Dual-homed hosts CS-551, Lecture 9

  44. Circuit-level gateways • Transparent to user CS-551, Lecture 9

  45. Firewall Architectures • Bastion host architecture • Filtering host architecture • Filtering subnet architecture CS-551, Lecture 9

  46. Figure 11.12  Bastion Host Firewall Architecture. CS-551, Lecture 9

  47. Figure 11.13  Filtering Host Firewall Architecture. CS-551, Lecture 9

  48. Figure 11.14  Filtering Subnet Firewall Architecture. CS-551, Lecture 9

  49. Agreement Protocols • Distributed processes sometimes must agree • If some sites are faulty, this can be difficult • Need to identify/isolate the faults • Model assumptions: • n PEs, at most m PEs are faulty • PEs can communicate directly with each other • Receiver can always determine sender of a msg • Communication medium is reliable • PEs can fail CS-551, Lecture 9

  50. Synchronous Computation • A step (or round) consists of the following: • Receive messages • Compute • Send messages • PEs in lockstep • This model is assumed CS-551, Lecture 9

More Related