660 likes | 874 Views
Security. Chapter 8. Part I Introduction. Security in Distributed Systems. Security is one of the most difficult issues in a DS Can be roughly divided into two parts: Secure Channels Secure communication between parties (users/processes) Access Control
E N D
Security Chapter 8 Part I Introduction
Security in Distributed Systems • Security is one of the most difficult issues in a DS • Can be roughly divided into two parts: • Secure Channels • Secure communication between parties (users/processes) • Access Control • Authorization: is a party authorized to access a resource?
Confidentiality and Integrity • Security is related to dependability • A dependable system is trustful to provide its services • Trust is related to confidentiality and integrity • Confidentiality: information is disclosed to authorized (intended) parties only • Integrity: only authorized alterations to system assets (H/W, S/W, data) are allowed
Types of Threats • Security attempts to protect the services of a DS from security threats • Interception: unauthorized party obtains access to services or data • Interruption: services or data are interrupted (unavailable, unusable, etc.) • Modification: unauthorized change for data or services • Fabrication: unauthorized creation of data or services
Policy and Mechanism • Security Policy: a specification of what actions are allowed and who is authorized to perform them • Security Mechanism: An implementation of a security policy • Four major security mechanism types
Security Mechanisms • Encryption: encode data in a form that only intended parties can decode • Authentication: verify a claimed identity by a party • Authorization: verify a party is authorized to access a resource • Auditing: Study access history to analyze security breaches
Design Issues • A DS as a middleware must provide a general-purpose security policy, if possible • Focus of Control • Layering Mechanisms • Distributing Mechanisms • Simplicity
Design Issues – Focus of Control • Three approaches for protection against security threats • Protection against invalid operations • Protection against unauthorized invocations • Protection against unauthorized users
Design IssuesLayering of Security Mechanisms (1) • The logical organization of a distributed system into several layers.
Design IssuesLayering of Security Mechanisms (2) • Several sites connected through a wide-area backbone service.
Design Issues Distribution of Security Mechanisms • The principle of RISSC as applied to secure distributed systems.
Cryptography (1) S R m m’ m Decrypt m’ Encrypt m • Cryptography helps protect against: • Listen intrusion • Alter intrusion • Fabricate intrusion
Cryptography (2) • Intruders and eavesdroppers in communication.
Cryptography – Simple Example Key (permutation) m’ m • 8 – bit (or char) messages • Encrypt by permutations • Encryption Key: • 7 3 6 2 1 8 5 4 Bad Idea : can be broken easily by a brute-force attack
Cryptosystem Categorizations • Symmetric vs. asymmetric cryptosystems: • Symmetric: use same key to encrypt and decrypt • Also called shared-key or secret-key cryptosystems • P = DK(EK(P)) • Asymmetric: use different keys to encrypt and decrypt • P = DKD(EKE(P)) • Also called public-key cryptosystems • One key is made public and one is made private • Which key to make public? • Depends on how the keys are used
Cryptography – Notation • Notation used in this chapter.
Confidentiality versus Authentication • If A sends a confidential message to B, A should use KB+to encrypt the message (KB-is left private) • If A needs to authenticate a message (make sure it is from B), B uses KB-to encrypt the message. A can use KB+to authenticate it.
Encryption Properties • For any encryption function E, it should be computationally infeasible to find K when given P and C such that C = Ek(P) • Given P and K, it should be computationally infeasible to find K’ K such that Ek(P) = Ek’(P)
Cryptosystem Examples • Data Encryption Standard (DES): • Symmetric • Shared key • Rivest, Shamir, and Adleman (SRA) algorithm • Asymmetric • Public key • Message Digest 5 (MD5) • Hash Function
DES • Plaintext block P = 64 bits • Ciphertext block C = 64 bits • Same algorithm and key are uses for encryption and decryption • Key length = 56 bits • (64 bits with each eight bits used for parity) • The key can be any 56-bit number and can be changed • However, some keys are considered weak • Security rests on the key’s shoulders
DES – Algorithm Outline • The principle of DES • Outline of one encryption round
Initial and Final Permutations • Fixed permutations (similar to the simple example) • Final permutation is the inverse of the initial permutation • Do not affect the security of DES • Their main purpose is to make it easier to load 64 blocks in bytes (in H/W) • Many S/W implementations leave out these permutations (do not comply with DES)
Initial Permutation • Examples: • Bit 58 of the 64-bit block moves to position 1 • Bit 57 moves to position 33
DES – Key Generation key left Compression Permutation • Details of per-round key generation in DES.
Key Permutation • Examples: • Every eight bit of the original 64-bit key is ignored • (No multiples of 8) • Bit 10 of the 56-bit key moves to position 15
Shifting Key Bits Round number Number of bits shifted • In rounds 1, 2, 9, and 16 the key is shifted one bit • In the rest, it is shifted two bits
Compression Permutation Select 48 bits from 56 • Examples: • Bit 14 of the shifted key moves to position 1 • Bits 8 & 18 are ignored
One Round of DES Li-1 Ri-1 Key shift shift Expansion Permutation Compression Permutation + S-Box P-Box + Li Ri Key
Round i • In each round i 16: • Li = Ri – 1 • Ri = Li – 1 f(Ri – 1, Ki)
Expansion Permutation (1) • Expand the 32 bits in Ri to 48 bits • Changes the order of bits and repeats some bits • Need 48 bits to XOR with the result of the compression permutation • Avalanche Effect: one bit affects two substitutions (the dependency of the output bits on the input bits spreads faster) • DES: every bit in C depends on every bit in P and K as quickly as possible
Expansion Permutation (2) 1 2 3 4 5 6 7 8 9 10 11 12 32 … 48 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 1
Substitution Boxes 48-bit input … S-Box 1 S-Box 2 S-Box 8 32-bit output
S-Boxes S-Box 1 • Each S-Box entry is a 4-bit number • The 6-bit input specify the column and row as follows: • Input = b1b2b3b4b5b6 • Row number = b1b6 • Column number = b2b3b4b5 • Example: Input = 110011, row = 11 (3) , column = 1001 (9), • Output = 11 (eleven), which is 1001 • Substitute 110011 by 1001
Round 16 L15 R15 Key shift shift Expansion Permutation Compression Permutation + S-Box P-Box + L16 R16 Key Input to the final permutation R16 L16
Round 16 (cont’d) Odd round L R Even round R L L R Even round (Round 16) R L
Inverse Permutations P P P-1 = P-1
DES Decryption • The same algorithm works for both encryption and decryption • Same key • Keys must be used in reverse order (schedule) • K1, K2, …, K16 for encryption • K16, K15, …, K1 for decryption • Key shift is done by a right-shift
DES Security (1) • All operations of DES (except S-Boxes) are linear and easy to analyze • S-Boxes are non-linear and give DES its security • S-Boxes are mysterious (the constants??) • Many speculations over key length, iterations, and design of S-Boxes exist
DES Security (2) • Key Length: Longer keys make it more difficult to break with a brute-force attack • 16 rounds: It has been shown that DES with less than 16 rounds can be broken by known-plain text attacks • With 16 rounds it can be broken by a brute-force attack • Was possible to break it in 1993 by a cracking machine costing $1milion in 3.5 hrs (That’s 1993!) • No one knows if such machines have ever been built • Improvements have been made to DES
Symmetric Key Length Time estimates for H/W brute-force attacks in 1995
Weak Keys • Four (notably) weak keys: • All 1’s • All 0’s • All bits in each half is 0’s or 1’s • When the block is split, each half is shifted independently • The key used in any cycle of DES will be the same
Public Key Cryptography • Each party has a public and a private key • Each key is a pair of integers (private, public) • Each participant creates his/her key • Public keys are published (private keys are secrets)
Prime Numbers • Prime number: an integer greater than 1 whose only factors are 1 and itself. (2 and 2365347734339) • There is an infinite number of primes • Two numbers are relatively prime if their gcd is 1 (e.g. 15 and 27) • A prime number is relatively prime to all other numbers except its multiples
Modular Arithmetic • 23 mod 12 = 11 mod 12 = 11 • We say, 23 11 (mod 12) • a b (mod n) if a = b + kn, for some integer k • The multiplicative inverse of 6 is 1/6 (6 1/6 = 1) • The modular inverse is more difficult to solve • 1 = (a x) mod n => a–1 x (mod n) • n = 14, modular inverse of 5 is 3 • 2 has do modular inverse (mod 14 too) • a–1 x (mod n) has a unique solution if a and n are relatively prime (otherwise it has no solution)
Modular Exponentiation • There are algorithms to: • calculate ab mod n • Solve ax b (mod n), if solution exists • Most Notably: • Extended Euclidean algorithm [CLRS]
Public-Key Cryptosystems: RSA • Generating the private and public key requires four steps: • Choose (randomly) two very large prime numbers, p and q, pq • Compute n = p x q and z= (p – 1) x (q – 1) • Choose a small odd integer e that is relatively prime to z • Compute the number d such that e x d 1 mod z (i.e, d = e–1 (mod z)) • Public key = (e, n) and Private Key = d