Notes on Network Security Issues

Notes on Network Security Issues From security courses at: Stern School of Business, NYU Georgia Tech

Attacks • An attack occurs when someone attempts to use a vulnerability • Kinds of attacks • Passive (e.g., eavesdropping) • Active (e.g., password guessing) • Denial of Service (DOS) • Distributed DOS – using many endpoints • A compromise occurs when an attack is successful • Typically associated with taking over resources

Eavesdropping - Message Interception (Attack on Confidentiality) • Unauthorized access to information • Packet sniffers and wiretappers • Illicit copying of files and programs R S Eavesdropper

Integrity Attack - Tampering With Messages • Stop the flow of the message • Delay and optionally modify the message • Release the message again R S Perpetrator

Authenticity Attack - Fabrication • Unauthorized assumption of other’s identity • Generate and distribute objects under this identity R S Masquerader: from S

R S Attack on Availability • Destroy hardware (cutting fiber) or software • Modify software in a subtle way (alias commands) • Corrupt packets in transit • Blatant denial of service (DoS): • Crashing the server • Overwhelm the server (use up its resource)

Trust • Trust refers to the degree to which an entity is expected to behave • A trust model describes, for a particular environment, who is trusted to do what? • Note: you make trust decisions every day People - the biggest security risk? • A CompTIA study identified human error as a major underlying factor in 63% of security breaches

What is Authentication? • Short answer: establishes identity • Answers the question: To whom am I speaking? • Long answer: evaluates the authenticity of identity proving credentials • Credential – is proof of identity • Evaluation – process that assesses the correctness of the association between credential and claimed identity • for some purpose • under some policy

What is Identity? • That which gives you access … which is largely determined by context • We all have lots of identities • Pseudo-identities • Really, determined by who is evaluating credential • Driver’s License, Passport, SSN prove … • Credit cards prove … • Signature proves … • Password proves … • Voice proves …

Something you know … • Passport number, mothers maiden name, last 4 digits of your social security, credit card number • Passwords and pass-phrases • Note: passwords are generally pretty weak • University of Michigan: 5% of passwords were goblue (followed by: love, beer) • Passwords used in more than one place • Not just because bad ones selected: If you can remember it, then a computer can guess it • Computers can often guess very quickly

Something you have … • Tokens (transponders, …) • Speedpass, EZ-pass • Smartcards • Digital Certificates (used by Websites to authenticate themselves to customers)

Something you are … • Biometrics • Measures some physical characteristic • Fingerprint, face recognition, retina scanners, voice, signature, DNA • Can be extremely accurate and fast • Active biometrics authenticate, passive biometrics recognize • What is the fundamental problem? • Revocation – lost fingerprint? • Great for physical security, generally not feasible for on-line systems

Encryption algorithm • Algorithm used to make content unreadable by all but the intended receivers E(plaintext,key) = ciphertext D(ciphertext,key) = plaintext • Algorithm is public, key is private • Block vs. Stream Ciphers • Block: input is fixed blocks of same length • Stream: stream of input

Symmetric key cryptography • Traditional use of cryptography • Symmetric keys, where A single key is used is used for E and D D( E(p,k1), k1 ) = p • All (intended) receivers have access to key • Note: Management of keys determines who has access encrypted data • E.g., password encrypted email

Data Encryption Standard (DES) • Introduced by the US NBS (now NIST) in 1972 • Signaled the beginning of the modern area of cryptography • Block cipher • Fixed sized input • 8-byte input and a 8-byte key (56-bits+8 parity bits)

DES Top View 56-bit Key 64-bit Input 48-bit K1 Generate keys Permutation Initial Permutation 48-bit K1 Round 1 48-bit K2 Round 2 …... 48-bit K16 Round 16 Swap 32-bit halves Swap Final Permutation Permutation 64-bit Output

Cryptanalysis of DES • DES has an effective 56-bit key length • Wiener: 1,000,000$ - 3.5 hours (never built) • July 17, 1998, the EFF DES Cracker, which was built for less than $250,000 < 3 days • January 19, 1999, Distributed.Net (w/EFF), 22 hours and 15 minutes (over many machines) • We all assume that NSA and agencies like it around the world can crack (recover key) DES in seconds • What now? Give up on DES? Try variants Triple DES etc.

Diffie-Hellman Key Exchange • g and p known to both Alice Bob pick secret Sa randomly pick secret Sb randomly compute TA=gSa mod p compute TB=gSbmod p send TA to Bob send TB to Alice compute TBSamod p compute TASbmod p Alice and Bob reached the same secret gSaSbmod p, which is then used as the shared key.

Diffie-Hellman Scheme • Security factors • Discrete logarithm very difficult. • Shared key (the secret) itself never transmitted. • Disadvantages: • Expensive exponential operation • DoS possible. • The scheme itself cannot be used to encrypt anything – it is for secret key establishment. • No authentication, so you can not sign anything …

Bucket Brigade Attack...Man In The Middle Attack Alice Trudy Bob gSa=123 gSx =654 gSb =255 123 --> 654 --> <--654 <--255 654Sa=123Sx255Sx=654Sb • Trudy plays Bob to Alice and Alice to Bob

Public Key Cryptography • Public Key cryptography • Each key pair consists of a public and private component: k+ (public key), k- (private key) D( E(p, k+), k- ) = p D( E(p, k-), k+ ) = p • Public keys are distributed (typically) through public key certificates • Anyone can communicate secretly with you if they have your certificate • E.g., SSL-base web commerce

RSA (Rivest, Shamir, Adelman) • A dominant public key algorithm • The algorithm itself is conceptually simple • Why it is secure is very deep (number thoery) • Use properties of exponentiation modulo a product of large primes • "A method for obtaining Digital Signatures and Public Key Cryptosystems“, Communications of the ACM, Feb., 1978 21(2) pages 120-126.

The symmetric/asymmetric key tradeoff • Symmetric (shared) key systems • Efficient (Many MB/sec throughput) • Difficult key management • Kerberos • Key agreement protocols • Asymmetric (public) key systems • Slow algorithms (so far …) • Easy key management • PKI - public key infrastructures • Webs of trust (PGP)

Hash Algorithms • Hash algorithm • Compression of data into a hash value • E.g., h(d) = parity(d) • Such algorithms are generally useful in programs • … as used in cryptosystems • One-way - (computationally) hard to invert h() , i.e., compute h-1(y), where y=h(d) • Collision resistant hard to find two data x1 and x2 such that h(x1) == h(x2) • Q: What can you do with these constructs?

Message Digest 5 (MD5) 512-bit message chunks (16 words) Initial 128-bit vector 128-bit result

Hashed Message Authentication Code • HMAC • Authenticates/integrity for data d • Uses some key k and hash algorithm h • To simplify, hmac(k,d) = h( k+d ) • Why does this provide authenticity? • Can not produce hmac(k,d) unless you know k and d • If you could, then can invert h • Used in protocols to authenticate content

Digital Signatures • Models physical signatures in digital world • Association between private key and document • … and indirectly identity and document. • Asserts that document is authentic and non-reputable • To sign a document • Given document d, private key k- • Signature S(d) = E( k-, h(d) ) • Validation • Given document d, signature S(d), public key k+ • Validate D(k+, S(d)) = H(d) • Q: Are Digital Signatures Legally binding?

Web security: the high bits • The largest distributed system in existence • threats are as diverse as applications and users • But need to be thought out carefully … • The stakeholders are … • Consumers (users, businesses, agents, …) • Providers (web-servers, IM services, …) • Another way of seeing web security is • Securing the web infrastructure such that the integrity, confidentiality, and availability of content and user information is maintained

Web Authentication • Authentication is a bi-directional process • Client • Server • Mutual authentication • Several standard authentication tools • Basic (client) • Digest (server) • Secure Socket Layer (server, mutual) • Cookies (indirect, persistent)

Basic Authentication Problems • Passwords easy to intercept • Passwords easy to guess • Passwords easy to share • No server authentication • Easy to fool client into sending password to malicious server • One intercepted password gives eavesdropper access to many documents

Challenge and Response • Challenge (“nonce”): any changing string • e.g. Random Number, Timestamp etc • Response: challenge encrypted with hashed password • Server-specific implementation options • One-time nonces • Time-stamped nonces • Method authentication digests

Advantages of Digest over Basic • Cleartext password never transmitted across network • Cleartext password never stored on server • Replay attacks difficult • Intercepted response only valid for a single URL • Shared disadvantages • Vulnerable to man-in-the-middle attacks • Document itself can be sniffed

What is a Digital Certificate? • A certificate … • … makes an association between a user identity/job/attribute and a private key • … contains public key information {e,n} • … has a validity period • … is signed by some certificate authority (CA) • Issued by CA for some purpose • Verisign is in the business of issuing certificates • People trust Verisign to vet identity

Root CA1 CA2 CA3 CA11 CA12 CA1n CA21 CA22 Cert11a Cert11b Cert11c What is a Public Key Infrastructure? • Rooted tree of CAs • Cascading issuance • Any CA can issue cert • Parent CAs issue certs for child CAs … … … … … … …

Secure Socket LAYER • Used to authenticate servers • Uses certificates, “root” CAs • Can authenticate clients • Inclusive security protocol • Security at the socket layer • Transport Layer Security HTTP SSL TCP IP

SSL Operation • Phase 1: the SSL Handshake • Establishes algorithms used throughout • Authenticates parties • Establishes master secret • Used to create other secrets • Encryption Key (client-server) • Encryption Key (server- client) • Authentication Key (client-server) • Authentication Key (server-client)

Advantages of SSL • Confidential session • Server authentication* • GUI clues for users • Built into every browser • Easy to configure on the server • Protocol has been analyzed like crazy • Seems like you are getting security “for free”

Secure Electronic Transaction • An open encryption and security specification for credit card transaction on the Internet • Main requirements • Confidentiality of payment and ordering information • Integrity of all transmitted data • Authentication of cardholder • Authentication of merchant

Basic Workflow 5 ship order payment gateway buyer 3 OI + PI 6 payment req 2 order form 1 browse merchant 4 auth req

Network security: the high bits • The network is … • … a collection of interconnected computers • … with resources that must be protected • … from unwanted inspection or modification • … while maintaining adequate quality of service. • Another way of seeing network security is • Securing the network infrastructure such that the integrity, confidentiality, and availability of the resources is maintained. • Q: How do we do this?

Filtering: the threats • Adversary 1: some external network entity attempting to gain access to internal resources • Adversary 2: some internal, but malicious entity (or software) trying to expose sensitive data • Adversary 3: some internal or external entity that is preventing access to internal resource (DOS)

Untrusted Networks & Servers Firewall Trusted Networks Untrusted Users Internet Router Intranet Public Accessible Servers & Networks DMZ Trusted Users What is a firewall? • Device that provides secure connectivity between networks (internal/external; varying levels of trust) • Used to implement and enforce a security policy for communication between networks

Specifies what traffic is (not) allowed Maps attributes to address and ports Example: HTTP should be allowed to any external host, but inbound only to web-server Firewall Policies

Decisions made on a per-packet basis No state information saved Processing intensive Lower level monitoring Relay for connections Client  Proxy  Server Recognizes application protocol such as HTTP Can implement authentication and access rules on per protocol basis Packet Filters / Application Gateways

Communications Security • A host wants to establish a secure channel to remote hosts over an untrusted network • Not Login – end-users may not even be aware that protections in place • Remote hosts may be internal or external • The protection service must … • Authenticate the end-points (each other) • Negotiate what security is necessary (and how) • Establish a secure channel • Process the traffic between the end points

IPsec (not IPSec!) • Host level protection service • IP-layer security (below TCP/UDP) • De-facto standard for host level security • Developed by the IETF (over many years) • Now available in most operating systems • E.g., Available in XP, OS X, Linux, BSD*, … • Implements a wide range of protocols and cryptographic algorithms • Provides …. • Confidentiality, integrity, authenticity, replay protection, DOS protection

IPsec Protocol Suite Policy/ Configuration Managent Key Management Packet Processing (SPS) Security Policy System Manual (ESP) Encapsulating Security Payload (IKE) Internet Key Exchange (AH) Authentication Header

New IP Header AH or ESP Header Orig IP Header TCP Data IPsec in Tunnel Mode Encrypted Tunnel Gateway Gateway Encrypted Unencrypted Unencrypted A B

Network Isolation: VPNs • Idea: I want to create a collection of hosts which operate in a coordinated way • E.g., a virtual security perimeter over physical network • Hosts work as if they are isolated from malicious hosts • Solution: Virtual Private Networks • Create virtual network topology over physical network • Use communications security protocol suites to secure virtual links “tunneling” • Manage networks as if they are physically separate • Hosts can route traffic to regular networks (split-tunneling)

Notes on Network Security Issues

Notes on Network Security Issues

Presentation Transcript

Banks Banking on Network Security

Notes on security assessment

A Survey of Social Network Security Issues

Network Issues

Security issues

Security Issues

Network Security Issues

ECE579S: Computer and Network Security 4: Network Security Issues

Addressing Network Security Issues

Windows Security On a Network

Computer and Network Security Issues –the Security Officer’s Perspective

Network Security Issues

Security Issues

Research on Sensor Network Security

Building Enterprise Applications: Security Issues Outline notes only

Security Issues in Mobile Ad-Hoc Network

Cryptography and Network Security, resuming some notes

Summarizing Network Security Data (presentation includes notes)

A Survey on Wireless Body Area Network Sensors and Security Issues

Security Issues

Network Issues

Cryptography and Network Security, resuming some notes