710 likes | 901 Views
ECE 544 Spring 2007 Lecture 10: Network Security. D. Raychaudhuri. Today’s Lecture. Introduction Security Services and Mechanisms, Security Attacks Model for Internet Security Cryptography Symmetric Key algorithms: DES, 3DES, RC4, etc.
E N D
ECE 544 Spring 2007Lecture 10: Network Security D. Raychaudhuri
Today’s Lecture • Introduction • Security Services and Mechanisms, Security Attacks • Model for Internet Security • Cryptography • Symmetric Key algorithms: DES, 3DES, RC4, etc. • Asymmetric Key algorithms: Public-keys, Hash Algorithms, Digital signatures • Security Protocols • Authentication, • IP security (IPSec),SSL(TSL), Mail Security(PGP) • System Security • viruses, intruders, worms • Firewalls
Introduction, Security Services • Confidentiality • Protection of transmitted data • Authentication • Assuring that communication is authentic • Integrity • Assuring that received message was not duplicated, modified, reordered, and replayed • Non-repudiation • Proving that message was in fact sent by the alleged sender. • Access Control • Ability to limit and control access to system • Availability • Loss of or reduction of availability(denial of service)
Introduction, Security Mechanisms • Encryption • DES, RC4, AES • Hash algorithms • MD5, SHA • Public key algorithms • RSA, Diffie-Hellman • Message integrity • Digital signatures & certificates • Public key distribution • Authentication algorithms • Kerberos
Introduction, Security Attacks • Interruption • System is destroyed or becomes unavailable or usable, blocking the communication. Link high-jacking • Interception • Unauthorized party gains access to communication, attack on confidentiality, decrypting communication, traffic analysis • Modification • Unauthorized party not only gains access but also tampers with communication. Changing value in data file • Fabrication • Unauthorized party inserts counterfeit information into communication, attack on integrity. Creating artificial messages.
Cryptography, Conventional Encryption Model • Cryptography: • Operation used for transforming plaintext to ciphertext • Substitution: elements in plaintext are mapped into another element • Transposition: elements in plaintext are rearranged • Number of key used • Both sender and receiver use the same key, system is symmetric single-key, secret-key or conventional encryption • Sender and receiver each uses a different key, system is asymmetric key • Way in which the plaintext is processed • Block cipher, input data processed block by block • Stream cipher, input data processed continuously • Cryptanalysis • Process (science) to break encryption
Conventional Encryption Ciphertext=Plaintext Key Plaintext=Ciphertext Key = (Plaintext Key) Key = Plaintext (Key Key) = Plaintext
Classical Encryption Techniques • Cesar Cipher • Plain: meet me after the party • Cipher: PHHW PH DIWHU WKH SDUWB C=E(p)=(p+3) mod(26) P=m+3 (m, 1-n,2-l, 3-o, “P”) • Polyalphabetic Cipher • Key: deceptiondeceptiond • Plain meetmeaftertheparty • Cipher qjhxcyjuhiwwkujjghc C=E(kp), is exclusive-or(XOR) • Rotor Machines: Famous “ENIGMA” These techniques became very weak around and after World War II.
Security Cryptography Security algorithms services Secret Public Message Privacy Authentication Message key key digest integrity (e.g., DES) (e.g., RSA) (e.g., MD5) Modern Security Taxonomy
Modern Cryptographic Algorithms Cryptography Algorithms • Secret Key (Symmetric) • Symmetric key • Block cipher • (DES, AES) • Stream ciphers • (RC4) • Public Key(Asymmetric) • Asymmetric key • Public-Private keys • (Diffie-Hellman, RSA) Hash algorithms Authentication and integrity checking (MD5, SHA)
What Cryptography Does? • Diffusion: • Statistical structure of the plaintext is dissipated into long range, each plaintext digit affects many ciphertext digits. • Confusion: • Seeks to make the relationship between the statistics of ciphertext and the encrypted value as complex as possible. P1 K = C1 P2 K = C2 C1 C2=P1 P2
Block Ciphers • Block of plaintext is treated as a whole and used to produce a ciphertext block of equal length. • Example: DES(Data Encryption Standard), AES(Advance Encryption Technique) Encryption Plaintext Blocks Of ciphertext Blocks Of plaintext Secret Key
General DES Encryption Algorithm 64 bit plaintext 56 bit key Initial permutation Permuted choice1 K1 Round 1 Permuted choice2 Left circular shift K2 Round 2 Permuted choice2 Left circular shift K16 Round 16 Permuted choice2 Left circular shift 32-bit swap Reverse Initial Perm. 64 bit ciphertext
Single Round of DES Algorithm 32 bits 28 bits 32 bits 28 bits L(i-1) R(i-1) C(i-1) D(i-1) Left shift (s) Expansion Left shift (s) 48 bits F Permutation Construction K(i) Choice/Perm C(i) D(i) L(i) R(i) L(i)=R(i-1), R(i)=L(i-1) F(R(i-1),K(i)
3DES • DES key is 56 bit, not good enough, but widely available in HW and SW, so use three times with different keys. Plaintext Ciphertext DES DES DES Output Input Shared Secret Key1 Shared Secret Key2 Shared Secret Key3
Stream Ciphers • Encrypt a digital data stream one bit or one byte at a time • Example: RC4(Rivest Cipher-4) Plaintext Ciphertext Encryption Key stream Key Gen Shared Key
Hash Algorithms (requirements) Produce a FINGERPRINT of the message, entity • Can be applied to a block of data of any size • Produces fixed length output • Relatively easy to compute both HW and SW • It should be infeasible to compute message from hash (one-way property) • Computationally infeasible to get same hash value for different messages (weak collision resistance) • Computationally infeasible to find any message pair whose have same hash values (strong collision resistance)
Hash Algorithms(one-way functions) • Integrity checking, authentication of the message Message => MD5 output (128bit) 1234567890 => 7c12772809c1c0c3deda6103b10fdfa1 1234567891 => eac9407dc999ae35ba5e6851e28d7c53 Plaintext At source Plaintext Hash function Hash value Plaintext Hash function At destination Hash value Compare if both same
Initial “ digest ” Message (padded) (constant) … 512 bits 512 bits 512 bits Transform Transform … Transform Message digest Hash Algorithms(one-way functions)
Using Hash Algorithm-2 MD5 message is a 512 bit data packet + 128 bit message digest Secret initial value of MD
Public Key CiphersDiffie-Hellman Key Exchange • Enable two users to exchange keys • Depends on difficulty of computing discrete logarithms • P is prime number, A is its primitive root of P; so numbers A mod(P), A2 mod(P), …..,AP-1 mod(P) are distinct and consists of integers from 1 through p-1 in some permutation. • If P=11, then A=2 is primitive root with respect to P 21 mod(11)=2, 22mod(11)=4, 23mod(11)=9, 24mod(11)=5, … ……,210mod(11)=1
Diffie-Hellman • Global public elements, prime number P and primitive root E, with E< P • User A selects private key XA <P, Calculates public key YA=E XAmod(P) • User B selects private key XB <P, Calculates public key YB=E XBmod(P) • User A calculates K, K=(YB) XA mod(P) • User B calculates K, K=(YA) XB mod(P)
Diffie-Hellman(example) • Global public elements, prime number and primitive root P=97 and E=5 • User A selects private XA=36 where XA <P, Calculates public YAYA=5 36mod(97)=50 • User B selects private XB=58 where XB <P, Calculates public YBYB=5 58mod(P)=44 • User A calculates K, K=(YB) XA mod(97) = 44 36 mod(97)=75 • User B calculates K, K=(YA) XA mod(97) = 50 58 mod(97)=75
Public Key Ciphers - RSA • RSA(Rivest, Shamir, Adelman) • Similar to Diffie-Hellman, but uses large exponentials, plaintext is encrypted in blocks having a binary value N. • M is plaintext block, e is exponent then, • C=Me mod(n) C, is the encrypted ciphertext • M=Cd mod(n)= (Me)d mod(n)= Med mod(n) • Public key, (e,n), Private key(d,n) • Requirements • Possible to find values of e,d,n to satisfy above calculations • Relatively easy to calculate Me and Cd for all values of M<n • Infeasible to determine d given e and n
RSA (example) • Suppose p=7 and q=9; n=pxq = 77 • Also (p-1)(q-1)=60 • Choose e as a number relative prime to 60 • Suppose e=7 • Then d= 7 -1 mod((7-1)x(11-1)) or 7xd= 1 mod 60 • So that d=43 • Public key (e,n) = (7,77); Private key (d,n) = (43,77) • For encryption of m=9, we compute c= m e mod n = 9 7mod 77 = 37 this is the cipertext • Receiver computes m= c d mod n = c= 37 43 mod 77 = 9
Comparison between Public and Secret Key Algorithm ~10-100 Mbps DES ~100 Kbps RSA Effort to crack 64 128 512 2K Key length (bits)
Security Protocols: (1) Authentication • Authentication • Three-way hand shake, client and server have shared secret key • Trusted third party (as in kerberos) • Public Key Authentication (RSA) • Digital signatures
Authentication Protocols • Authentication between two entities: • Three-way hand shake, client and server have shared secret keys • Challenge-response method
S A B B , A E (( T , L , K , B E ), (( T K , L ), , A K , A ), K ) B E (( A , T E ), (( K T , ), L , K , A ), K ) B ) K + 1, T ( E Authentication Protocols: Kerberos • Authentication between two entities via trusted third party • Two 2-way handshakes with third party • Challenge-response method A identifies itself and B to S T: time-stamp L: lifetime K: session key A decrypts T and encodes with session key K and passes on the second message Server sends two message To A, one with A’s key and another with B’s, both containing session keys B decrypts K and responds To A with T+1 encoded by K
Authentication Protocols • Public key authentication • No secret shared key needed
Message Integrity • Digital signature • Sender uses private key to sign message • Receiver decrypts with public key, e.g RSA • Keyed MD5 • Sender transmits m + MD5(m+k) • k is a secret key known to both sender & rx • Receiver matches secret key to confirm
Key Distribution • A key could be selected by A and physically delivered to B. • A third party could select the key and physically deliver it to A and B. • If A and B have previously used a key, one party could transmit the new key to the other, encrypted using the old key. • If A and B each have an encrypted connection to a third party C, C could deliver a key on the encrypted links to A and B.
IPRA = Internet Policy IPRA Registration Authority (root) PCA n = policy certification authority CA = certification authority PCA1 PCA2 PCA3 CA CA CA CA CA CA User User CA User User User CA User User User Key Distribution: Certificates
Consist of five services: Authentication Confidentiality Compression E-mail compatibility Segmentation Overview of PGP(Pretty Good Privacy)
IP Layer Security (IPSec) • Suite of protocols developed by IETF to address security at the IP level, and provide secure communications across the Internet • IPSec supports the following features • Two security protocols: 1) Authentication Header (AH), and 2) Encapsulating Security Payload (ESP) • Two modes of operation: 1) Transport, and 2) Tunnel • Two key management protocols: 1) Internet Key Exchange (IKE), and 2) IP Security Association Key Management Protocol (ISAKMP) • Six security services: 1) Access control, 2) Connectionless integrity, 3) Data origin authentication, 4) Rejection of replayed packets, 5) Confidentiality (encryption), and 6) Limited traffic flow confidentiality • Security policies that determine how machines communicate via IPSec, and the security services they can access • Support for IPSec features is optional (mandatory) for IPv4 (IPv6)
IP Security Overview • Benefits of IPSec • Transparent to applications (below transport layer (TCP, UDP) • Provide security for individual users • IPSec can assure that: • A router or neighbor advertisement comes from an authorized router • A redirect message comes from the router to which the initial packet was sent • A routing update is not forged
IPSec Headers IP Sec Authentication header IP Sec ESP header