1 / 34

Network Security

Network Security. Bijendra Jain (bnj@cse.iitd.ernet.in). Lecture 1: Introduction. Top-level issues. Safety, security and privacy Security policy threats, both external and internal economic gains cost of securing resources cryptographic methods vs. physical security

lamar-hinton
Download Presentation

Network Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Network Security Bijendra Jain (bnj@cse.iitd.ernet.in) Tutorial on Network Security: Sep 2003

  2. Lecture 1: Introduction Tutorial on Network Security: Sep 2003

  3. Top-level issues • Safety, security and privacy • Security policy • threats, both external and internal • economic gains • cost of securing resources • cryptographic methods vs. physical security • Information security: • nature of resources (HW, SW, information) • during storage, access and communication • limited to a single computer vs. network security • various layers (physical through application layers) Tutorial on Network Security: Sep 2003

  4. Security threats • Intentional vs. accidental • Various forms of violations: • Non-destructive • Destructive • Repudiation • Denial of service • Threat techniques: • crypt-analysis • snooping • masquerading • replay attacks • virus, worms • etc. Tutorial on Network Security: Sep 2003

  5. Security services • Services (or functions) vs. mechanisms • Security functions: • confidentiality • authentication • integrity • non-repudiation • access control • availability Tutorial on Network Security: Sep 2003

  6. Security mechanisms • Physical controls • Audit trails • Fraud detection (data mining) • Steganography • Encryption: • private-key vs. public-key encryption • key generation, exchange, and management • certification • Firewalls • etc. Tutorial on Network Security: Sep 2003

  7. Lecture 2: Symmetric-key encryption Tutorial on Network Security: Sep 2003

  8. Cryptographic systems • Symmetric vs. asymmetric encryption • Number of keys used • Key lengths • Block vs. stream cipher • Crypt-analysis (assume algorithm is known) • ciphertext (only) • plaintext + ciphertext • chosen plaintext + ciphertext • chosen ciphertext + plaintext Tutorial on Network Security: Sep 2003

  9. Crypt-analysis Insecure channel Encrypt EK(X) Decrypt DK(X) X Y X K K Secure channel Secret key, K Symmetric cryptographic system • Symmetric encryption • Plaintext, X • Ciphertext, Y • Secret keys for encryption, decryption, K Tutorial on Network Security: Sep 2003

  10. Crypt-analysis Insecure channel Encrypt EK(X) Decrypt DK(X) X Y X K1 K2 Key generation, management Asymmetric cryptographic system • Asymmetric encryption • Plaintext, X • Ciphertext, Y • Two keys K1, and K2. One is secret, other is public • One of them (secret or public) is used to encrypt, the other for decryption • Helps with confidentiality, digital signatures Tutorial on Network Security: Sep 2003

  11. Symmetric encryption • Substitution cipher • Transposition cipher • DES • Triple DES • Blowfish, RC5, RC4, etc. Tutorial on Network Security: Sep 2003

  12. Substitution cipher • Ceasar cipher • encrypt C  (p+k) mod n • decrypt p  (C-k) mod n • assumes set of n characters • easily breakable in n-1 steps • Substitute using n x n table • encrypt Ci lookup_encrypt(pi) • decrypt pj lookup_decrypt(Cj) • 26! Different keys • may be broken using known “relative frequency” of each character • To counter: • use multiple symbols to substitute • substitute multiple symbols at a time • e.g. two letter strings at a time Tutorial on Network Security: Sep 2003

  13. Transposition cipher • Transposition example: • To make it more secure: • transposition it multiple times • combine it with substitution ciphers Tutorial on Network Security: Sep 2003

  14. C1 P1 K K Decrypt DK(X) Encypt EK(X) P1 C1 DES • Combination of several substitution and transposition ops • Applied to each block of size 64 bits • Key is 56 bits • Uses portions of key at different steps • Uses techniques referred to by “diffusion and confusion” • Developed by IBM 1971-73, accepted by NBS (USA) as a standard in 1977 • Primarily a block cipher Tutorial on Network Security: Sep 2003

  15. 56-bit key 64-bit plaintext Initial permutation Permuted key Round 1 Permuted key Left circular shift Round 2 Permuted key Left circular shift Round 16 Permuted key Left circular shift K16 K2 K1 32-bit swap Inverse permute 64-bit ciphertext DES encryption algorithm Tutorial on Network Security: Sep 2003

  16. P1 P2 IV + + + + Encrypt EK(X) Encrypt EK(X) K K C1 C2 C2 C1 K Decrypt DK(X) K Decrypt DK(X) IV P2 P1 Cipher Block Chaining • Primarily a block cipher • May be used in “block chaining mode” Tutorial on Network Security: Sep 2003

  17. Strength of DES • Key size of 56 bits appears to be too small • In 1993 Weiner developed HW device for $100K with 5760 search engines to break it in 35 hours • In 1997, 70,000 systems on Internet discovered the key in less than 96 days (part of plaintext is given) • Automating the process is difficult, unless plaintext is known • Perhaps breakable by studying and exploiting weakness • Differential cryptanalysis • Linear cryptanalysis • Trapdoor • US Govt changed the original design • Continues to enjoy wide acceptibility • Particularly with triple-DES (used in PGP) Tutorial on Network Security: Sep 2003

  18. K1 K2 X P Encypt EK1(X) Decrypt EK2(X) C Double-DES • Two stages of encryption, using two different keys Tutorial on Network Security: Sep 2003

  19. Double-DES • “two stages cannot be reduced to one stage”: • for given K1, K2, there is no K s.t. EK2(EK1(P)) = EK(P) • Meet-in-the-middle attack • Let C = EK2(EK1(P)), and X = EK1(P) = DK2(C) • Let known P and C • Search for K1 and K2 such that X = EK1(P) = DK2(C) • Complexity is O(256 +256), not O(2128) Tutorial on Network Security: Sep 2003

  20. K1 K3 K2 X1 X2 P Decrypt EK3(X) Encypt EK1(X) Decrypt EK2(X) C Triple-DES • Three stages of encryption, using two different keys Tutorial on Network Security: Sep 2003

  21. IDEA • International data encryption algorithm (IDEA) • developed in 1991, gaining ground • block cipher • better understood • US government has had no role in its design • design principle: • block size 64 bits • key length 128 bits • more emphasis on “diffusion” and “confusion” • uses three operations: • “exclusive-OR”, “addition”, “multiplication” • some effort to make HW implementation easier Tutorial on Network Security: Sep 2003

  22. RC5 • developed by Rivest, in 1994 • suitable for HW or SW implementation on microprocessors • simple • different word length • low memory • high level of security • simpler determination of strength • variable no. of “rounds”, key length Tutorial on Network Security: Sep 2003

  23. Blowfish • Developed in 1993 • block cipher • up to 448 bit keys • no known attacks • simple, fast and compact Tutorial on Network Security: Sep 2003

  24. Summary: symmetric key encryption • Since the same key is used to encrypt and decrypt, the system is also know as private-key encryption • Symmetric key encryption • uses shared secret keys • also known as “private-key” encryption • Primarily used for purpose of confidentiality • but may be used to authenticate as well, but may be “repudiated” • Key sharing or management is an issue • particularly when the no. of clients sharing the key is “large” Tutorial on Network Security: Sep 2003

  25. Application to confidentiality • Private-key encryption may be used to provide confidentiality of messages during transfer over LANs and/or WANs • At issue: • what information: • User data vs. headers • Identity of correspondents vs. node/route identity • in what layer, and between what points • Link-layer vs. end-to-end vs. application level • Assumption: data over physical network is accessible • Wireless links • Employee of the network service provider • Your own colleagues Tutorial on Network Security: Sep 2003

  26. Host B R Host A R R Link-level enrypt/ decrypt End-to-end enrypt/ decrypt Link-level vs. end-to-end confidentiality Tutorial on Network Security: Sep 2003

  27. Link-level encryption End-to-end encryption Security within nodes, hosts Exposed in intermediate nodes Exposed in end hosts Encrypted in intermediate nodes Encrypted/Decrypted by end hosts Role of end devices, intermediate nodes Intermediate nodes require encryption One key for each link Done in hardware Only end hosts need encryption One key per session/connection Perhaps done in software Link-level vs. end-to-end confidentiality Tutorial on Network Security: Sep 2003

  28. Traffic confidentiality • Issues: • Identity of communicating entities • Identity of hosts, routers • Traffic volumes, patterns • Link-level encryption offers better confidentiality • Padding may be used to “hide” patterns and volumes Tutorial on Network Security: Sep 2003

  29. Key distribution • Secret key must be distributed between the communicating entities, say A and B • Link level encryption requires L number of keys to be distributed, one for each device at the end of a link • Host-to-host encryption requires N*(N-1)/2 keys to be distributed • Two techniques: • Physical delivery (works only in a very limited environs) • A delivers it to B • A trusted third party C delivers the key to A and to B • Electronic delivery using an established secure connection or session • A delivers it to B after suitably encrypting it • A trusted third party C delivers the key to A and to B using secure channels to A and to B. Tutorial on Network Security: Sep 2003

  30. Key distribution • Electronic distribution by B to A, though process initiated by A • Above: • N1 and N2 are “nonce”, • MKm is the “master key” used by A and B • KS is the new “session key” • F is a well-known function, such as ADD 1 Tutorial on Network Security: Sep 2003

  31. Key distribution • Electronic distribution by trusted third party C to A and to B Tutorial on Network Security: Sep 2003

  32. Key distribution • Above: • KA and KB are keys used by A and B, respectively, to communicate with C • IDA identifies entity A Tutorial on Network Security: Sep 2003

  33. Key distribution • Secure operation of these schemes, against: • Masquerade • replay attacks • Other issues: • Hierarchy of keys • Lifetime of a session key • Generation of Nonce or Random numbers Tutorial on Network Security: Sep 2003

  34. Thanks Tutorial on Network Security: Sep 2003

More Related