1 / 22

Security

Security. Chapter 8. Part II Secure Channels. Secure Channels. Secure Channels: Authentication Integrity & Confidentiality Protect against Interception (by ensuring confidentiality) Modification (by mutual authentication and ensuring message integrity)

franz
Download Presentation

Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Security Chapter 8 Part II Secure Channels

  2. Secure Channels • Secure Channels: • Authentication • Integrity & Confidentiality • Protect against • Interception (by ensuring confidentiality) • Modification (by mutual authentication and ensuring message integrity) • Fabrication (same as modification ) • Not enough for interruption

  3. Authentication and Integrity • Cannot do without each other • Authentication w/o integrity: • A can be guaranteed that m is from B • No guarantees that m has not been modified • Integrity w/o authentication: • A can be guaranteed that m has not been modified • No guarantees that m was from B

  4. AuthenticationChallenge-Response Protocol (1) • Authentication based on a shared secret key.

  5. AuthenticationChallenge-Response Protocol (2) • Authentication based on a shared secret key, but using three instead of five messages.

  6. AuthenticationThe Reflection Attack • Successful attack by Chuck (C) for the Challenge-Response Protocol with fewer messages (version 2)

  7. Secret Key Limitations • Secret key does not scale well • Need a key for each pair of parties • For N users/processes, need • N(N – 1)/2 keys • Each host has to manage N – 1 keys • Alternative: Centralized approach! • Key Distribution Center

  8. AuthenticationKey Distribution Center (1) • The principle of using a KDC.

  9. AuthenticationKey Distribution Center (2) • Using a ticket and letting Alice set up a connection to Bob.

  10. AuthenticationNeedham-Schroeder Protocol (1) • The Needham-Schroeder authentication protocol.

  11. AuthenticationNeedham-Schroeder Protocol (2) • KA,KDC(RA1,B,KA,B, KB,KDC(A,KA,B) • Nonce (RA1): random number used only once • Relate messages to each other • What if you we don't use nonce? • C steals B’s old key K’B,KDC • C intercepts an old response KA,KDC(RAx, B,KA,B, K’B,KDC(A,KA,B) • Previously returned by KDC to A • C waits for A to connect to KDC again • C can fool A

  12. AuthenticationNeedham-Schroeder Protocol (3) • KA,KDC(RA1,B,KA,B, KB,KDC(A,KA,B) • Including B protects A against: • If B is left out, C could modify m1 replacing B with C • KDC thinks A is setting a channel up with C • Returning RA2 – 1 proves that B: • knows the key • And decrypted the challenge • (note that RA2 is enough in this case) • If C ever gets a hold of an old key K’A,B, C could replay m3!

  13. AuthenticationNeedham-Schroeder Protocol (4) • Protection against malicious reuse of a previously generated session key in the Needham-Schroeder protocol.

  14. AuthenticationPublic-Key Protocol • Mutual authentication in a public-key cryptosystem.

  15. Message Integrity and Confidentiality • Confidentiality: use cryptography • Integrity: • Authentication is not sufficient • Example: contract negotiation (A sells something to B) • Need assurance for A that B cannot deny the agreement • Need assurance for B that A does not change the message (the term of the agreement) • Solution: use digital signatures

  16. Digital Signatures • Need a unique association between the message and the signature • If B (the buyer) signs the message • B cannot bail out • B can verify the message is genuine, preventing A from changing the terms of the agreement

  17. Digital Signatures – Public Key • Digital signing a message using public-key cryptography.

  18. Digital Signatures – Public KeyProblems • A can bail out by claiming KA- was stolen • A decides to change the keys • Good idea! • A’s statement to B becomes useless • Need a central registry to keys (like PGP) • Encrypting all of m might be infeasible • Solution: encrypt a message digest • h = H(m), h has a fixed length

  19. Digital Signatures – Message Digest • If m is changed to m’, H(m)  H(m’)

  20. Session Keys • Use one key for all sessions (long-lasting key) or a different key for each session (session key)? • Session keys: • Protect against replay attacks • Only one session is affected if key is compromised • Replacing keys often is expensive • Use a combination of long-lasting and session keys

  21. Secure Group Communication • Protecting communication between a group of N members • Confidentiality: • Use one shared key • Trust?, more vulnerable than two-party communication • Use one shared key for each pair of members • Need N(N-1)/2 keys • Use public key • Need N keys only

  22. Secure Replicated Services • Sharing a secret signature in a group of replicated servers.

More Related