Real-Time Communication Security
IPsec & SSL Issues
CS 519 Cryptography and Network Security
Instructor: Ali Aydin Selcuk

The Internet
A packet-switched network:
• Data to be transmitted is divided into “packets”
• Each packet is forwarded by “routers” towards the destination

Security of TCP/IP Communications
The TCP/IP reference model:
IP: delivery of packets to the destination
TCP: reliability of the communication
• ordering the packets
• error detection & recovery
• congestion control
UDP: basic transport protocol
Layers, top to bottom:
  Application Layer (HTTP, FTP, SMTP, etc.)
  Transport Layer (TCP, UDP)
  Network Layer (IP)
  Data Link Layer (PPP, Ethernet, etc.)
  Physical Layer

Securing TCP/IP
Layer 3:
• can secure all IP communication, transparent to applications
• must be built into the OS
Layer 4:
• doesn’t require OS modification; deployment is easy
Where the security layers sit in the stack, top to bottom:
  Application L.
    Layer 4 (SSL/TLS)
  Transport L.
    Layer 3 (IPsec)
  Network L.
  Data Link L.
  Physical L.

Real-Time Protocol Issues
• Interactive session security (unlike e-mail)
• End-to-end security (encryption/authentication) requires layer 3 or 4 (or, layer 3.5 & 4.5) protection

IPv4 Header
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|Version|  IHL  |Type of Service|          Total Length         |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|         Identification        |Flags|      Fragment Offset    |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|  Time to Live |    Protocol   |         Header Checksum       |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                       Source Address                          |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                    Destination Address                        |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                    Options                    |    Padding    |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

TCP Header
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|          Source Port          |       Destination Port        |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                        Sequence Number                        |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                    Acknowledgment Number                      |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|  Data |           |U|A|P|R|S|F|                               |
| Offset| Reserved  |R|C|S|S|Y|I|            Window             |
|       |           |G|K|H|T|N|N|                               |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|           Checksum            |         Urgent Pointer        |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                    Options                    |    Padding    |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                             data                              |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

UDP Header
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|          Source Port          |       Destination Port        |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|            Length             |           Checksum            |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Layer 4 (SSL)
• Implemented on top of layer 4, between TCP & application
• Doesn’t require any modifications to OS (deployment made easy!)

Layer 3 (IPsec)
• Implemented between IP & TCP
• Each IP packet authenticated separately
• Built in the OS
• Can secure all IP communication
• Host-to-host and network-to-network application is common; process-to-process also possible

Session Key Establishment
• Message authentication with a session key is needed against connection hijacking
• Sequence numbers needed against packet replays (different from TCP seq. no.)
• Session key reset before seq. no. wraps around
• For freshness guarantee, both parties should contribute to the session key

Perfect Forward Secrecy
• PFS: Compromise of long-term secrets doesn’t compromise session keys
• Example: DH with RSA authentication
• Non-PFS examples:
  • Kerberos
  • Session key transport with RSA encryption
• By-product: Escrow prevention. Conversations can’t be decrypted by authorities holding copies of long-term private keys

DoS Protection
• If attacker can make server do DH exponentiation by just initiating a session, DoS is made easy
• Protection:
  • cookies
  • puzzles

DoS Protection – Cookie Solution
• Server responds to session requests with a random number (cookie). Initiator has to respond back with that cookie to continue
• Attacker would either
  • reveal its address
  • or, abort the attack
• Stateless cookies: cookie is H(IP address, secret); server doesn’t remember it.

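The stateless cookie from the slide above, as an added example that is not part of the original slides. It assumes HMAC-SHA256 for H and adds a time bucket to the hashed input so that cookies expire, which goes beyond the slide; the function names and the lifetime value are hypothetical.

```python
import hashlib
import hmac
import os
import time

SERVER_SECRET = os.urandom(32)   # known only to the server
COOKIE_LIFETIME = 60             # seconds per time bucket (assumed, not on the slide)


def make_cookie(client_ip, now=None, secret=SERVER_SECRET):
    """cookie = H(IP address, secret), here HMAC-SHA256 over IP and time bucket."""
    bucket = int((time.time() if now is None else now) // COOKIE_LIFETIME)
    msg = client_ip.encode() + b"|" + str(bucket).encode()
    return hmac.new(secret, msg, hashlib.sha256).digest()


def check_cookie(client_ip, cookie, now=None, secret=SERVER_SECRET):
    """Recompute instead of looking up: nothing was stored per request."""
    now = time.time() if now is None else now
    # Accept the current and the previous bucket so a cookie issued just
    # before a bucket boundary still verifies.
    for t in (now, now - COOKIE_LIFETIME):
        if hmac.compare_digest(cookie, make_cookie(client_ip, t, secret)):
            return True
    return False


def handle_request(src_ip, cookie=None, now=None):
    """First message: hand out a cookie, do no DH work. Second message: verify."""
    if cookie is None:
        # The reply goes to src_ip, so a spoofed sender never sees the cookie.
        return ("COOKIE", make_cookie(src_ip, now))
    if not check_cookie(src_ip, cookie, now):
        return ("DROP", None)
    return ("PROCEED_TO_DH", None)   # only now is the exponentiation spent
```
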
DoS Protection – Puzzle Solution
• Server requires initiator to solve a puzzle. E.g., MD5(x) = …, x = ?, for an n-bit x.
• Solving is slow, verification fast.
• Can be made adaptive to increasing load. (how?)
• Can be made stateless. (how?)
• Can be used against spam as well

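One possible answer to the two "how?" questions above, as an added example that is not part of the original slides: n grows with server load, and x is derived from a server secret so it can be recomputed at verification time. SHA-256 replaces the slide's MD5; the function names, difficulty bounds and load model are assumptions, and replay of a solved puzzle is not addressed.

```python
import hashlib
import hmac
import math
import os

SECRET = os.urandom(32)        # server-side secret; the only state kept
BASE_BITS, MAX_BITS = 8, 24    # difficulty bounds (assumed values)


def difficulty(pending, capacity=100):
    """Adaptive: one extra bit (double the client's work) per doubling of load."""
    if pending <= capacity:
        return BASE_BITS
    return min(MAX_BITS, BASE_BITS + math.ceil(math.log2(pending / capacity)))


def secret_x(client_ip, nonce, n_bits):
    """Stateless: x comes from the secret, so the server can recompute it later."""
    mac = hmac.new(SECRET, f"{client_ip}|{n_bits}|".encode() + nonce, hashlib.sha256)
    return int.from_bytes(mac.digest(), "big") >> (256 - n_bits)


def puzzle_hash(nonce, x):
    return hashlib.sha256(nonce + x.to_bytes(4, "big")).hexdigest()


def issue(client_ip, pending):
    """Server: send (nonce, n_bits, target) and forget them."""
    n_bits, nonce = difficulty(pending), os.urandom(8)
    return nonce, n_bits, puzzle_hash(nonce, secret_x(client_ip, nonce, n_bits))


def solve(nonce, n_bits, target):
    """Client: brute force, about 2**(n_bits - 1) hashes on average."""
    for x in range(2 ** n_bits):
        if puzzle_hash(nonce, x) == target:
            return x
    raise ValueError("no solution")


def verify(client_ip, nonce, n_bits, x, pending):
    """Server: one MAC, no lookup. Puzzles easier than current load demands fail."""
    if not difficulty(pending) <= n_bits <= MAX_BITS or not 0 <= x < 2 ** n_bits:
        return False
    expected = secret_x(client_ip, nonce, n_bits)
    return hmac.compare_digest(x.to_bytes(4, "big"), expected.to_bytes(4, "big"))
```
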
Identity Hiding
• Hiding the parties’ identities from eavesdroppers
• Do DH without authentication. Then send the authentication info encrypted under the session key.
• Passive attacker can’t learn identities

Live Partner Assurance
• Against replays, different DH exponents must be used in different sessions
• DH exponentiation is expensive; problem for servers, low-end clients
• Solution: Constant DH exponents, different nonces. Incorporate nonces into the session key. E.g., K = H(g^(ab) mod p, nonces)

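The key derivation K = H(g^(ab) mod p, nonces) with constant exponents, shown for both sides as an added example that is not part of the original slides. The group (p = 2^127 - 1, g = 3) is a toy chosen for illustration, SHA-256 stands in for H, and the class and function names are hypothetical.

```python
import hashlib
import secrets

# Toy group, assumed for illustration only: far too small for real use.
P = 2**127 - 1    # a Mersenne prime
G = 3


class Party:
    def __init__(self):
        self.exp = secrets.randbelow(P - 3) + 2   # constant DH exponent
        self.pub = pow(G, self.exp, P)            # published once, reused
        self.shared = {}                          # peer_pub -> g^ab mod p
        self.modexps = 0                          # per-peer exponentiations done

    def session_key(self, peer_pub, nonce_i, nonce_r):
        """K = H(g^ab mod p, nonces)."""
        if not 1 < peer_pub < P - 1:
            raise ValueError("bad public value")
        if peer_pub not in self.shared:           # expensive step, once per peer
            self.shared[peer_pub] = pow(peer_pub, self.exp, P)
            self.modexps += 1
        h = hashlib.sha256()
        for part in (self.shared[peer_pub].to_bytes(16, "big"), nonce_i, nonce_r):
            h.update(len(part).to_bytes(2, "big") + part)   # length-prefixed fields
        return h.digest()


def run_session(initiator, responder, nonce_i=None):
    """Derive K on both sides. nonce_i may be a value replayed from an old session."""
    n_i = secrets.token_bytes(16) if nonce_i is None else nonce_i
    n_r = secrets.token_bytes(16)     # the responder's contribution is always fresh
    k_i = initiator.session_key(responder.pub, n_i, n_r)
    k_r = responder.session_key(initiator.pub, n_i, n_r)
    return n_i, k_i, k_r
```

Because the exponents are constant, anyone who later obtains one of them can recompute every session key from the recorded nonces, so this construction gives up perfect forward secrecy in exchange for the saved exponentiations.
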
Other Issues
• Session resumption: Use previously established session keys to bypass public-key authentication
• Deniability: Don’t use signatures for authentication. Use encryption with public keys. (e.g., the SKEME protocol)
• Crypto negotiations: Key exchange protocols negotiate the algorithms to be used as well