440 likes | 734 Views
Link Encryption. What is Link Security? Link security objectives by link encryption In-line encryptor hardware Point to point deployment IP-routed development Key Recovery from Internet Cryptograph chapter 3.
E N D
Link Encryption What is Link Security? Link security objectives by link encryption In-line encryptor hardware Point to point deployment IP-routed development Key Recovery from Internet Cryptograph chapter 3
ISO/OSI Layer Review – 7 layersInternational Standard Organisation/Open System Interconnection • The 7-layer is shown on right. • There are many protocols in each layer. • For example, High Level Data link Control (HDLC) in Data link layer
Internet Protocol – 5 layers • Internet protocol reduces to five layers. • Link Security refers to the security measure in data link layer (ISO/OSI, layer 2) or Network Interface (Internet Protocol, layer 2)
What is a protocol? • It means “The proper way of handling data transfer between two parties. “ • Assume two parties, Sender and Receiver are sending message. Below is the proper procedure inlcuding the error handling (in this case, retransmit)
What is link security protocol? • It is designed to hide secrets (means, encrypt for you) • It intends to protect data against forgery (false data). • It can simply fit into existing Internet applications. • In Data link layer (ISO/OSI layer 2) or Network Interface
Security Objectives of link security (1) • Maintain confidentiality on an isolated set of computers. • The computer contains sensitive data and needs to exchange with others. • Use a simple but secure protocol • Communications with outsiders is unwanted and to be blocked • To prevent the data from happening through accident, carelessness or overt (公開) attempt. Purpose Reason
Security Objectives (2) • Hide data traffic as much as possible • Shield everything possible about the data sent • Safety and familiarity is more important than cost • Use a well-established technique that is simple to understand and implement. Action
In-line Encryptor – must be a pair • It is a building block for link encryption. • It is a hardware device (not a software) • One port accepts plaintext, while the other produce ciphertext. (vice versa) encrypted message
Example of a pair of in-line encryptorthrough the Internet, usually it is used through a leased line (from PCCW) encrypted message
In-line Encryptor (real products) • Code encryptor (a small device with two network data link connections.) • In-line encryptor
Features of in-line encryptor • Separate the plaintext and ciphertext ports (that is why there are two ports) • Use a stream cipher or block cipher • In practice, a block cipher such as RC4 is used in commercial setting. (it uses DES (data encryption standard algorithm)
Link level Vulnerabilities (means weakness) There are a few attacks, Below are some of them: • Replay Attacks • Rewrite Attacks • Convert Signalling Attacks
Replay Attacks – resend a few times • If the message is an encrypted, why should we care about replay? • The reason is that: • If an outsider captures the encrypted message and re-send it, he/she might attack the system.
Example of Replay Attacks False copies
Example of Replay Attacks - Explanation • Alice sends a message of “pay Chan Tai Man” to Bob. She sends one genuine (true) message. • Play-it-again Sam captures the encrypted message and re-sends twice to Bob. • Bob and his colleagues will then pay Chan Tai Man three times. • Of course, Sam will have certain benefits of doing this.
How to solve this? – Replay attack • Each plaintext message must have an extra information such as message number. • If the receiver receives a duplicated message, it is discarded. • This will solve it in TCP/IP (layers 3 & 4). It has this feature to solve this problem. 2 data2 3 data3 2 data2 2 data2
Rewrite Attacks • If an hacker knows the contents, he/she can modify the encrypted message. • Say for example, the encrypted message of pay 1000 is 89^&oiu, he/she can modify 89^&aiu by changing o to a. The resulting plaintext message is 9000. (This assumes that 89^&aiu will produce 9000.)
Example of Rewrite • Here, the encrypted message is modified via a switcher.
How to resolve this? - rewrite There are many methods. Below are some of them • Avoid products using other modes. Always use block ciphers or Vernam techniques. (crude rewrite attacks are still possible with block mode.); or • Insert a random number into each packet, include it in the packet checksum and encrypt the resulting packet; or • Use Message Digest that you learnt in lecture 4; or • Use digital signature to authenticate the source of data. (the message is signed)
Convert Signaling Attacks • The attack is done by inserting a subverted program (spy software) into a host on the plaintext side of an encryptor • The program collects sensitive data and then transmits it to the program outside the security boundary.
Deployment – Point to point between sender and receiver Arrangement • This deployment uses a pair of trusted lines between a pair of hosts. • There is no need to connect to the Internet. • For example, you can apply for a leased line via Pacific Century Cyber Work (PCCW) between two computers (example from Central to Kowloon Tong). Now, it uses VPN, a pair of encryptors through the Internet)
Point to point – Connection • Each host’s data link is connected to the plaintext port of in-line encryptor. It is commonly used in military applications. Protect
Point to point limitation • It is hard to use as it limits between two in-line encryptors. (between two points) • You don’t have any choice on the encryption.
Deployment Example: Ip routed • Link encryption can also be applied to links carrying IP traffic. (means network layer) • This yields a flexible networking environment. (any workstation in the network can access.) • For example, assume that there are two networks that are connected by a pair of routers. • Any workstation, server etc can access the remote networking components through the leased line that is protected by the in-line encryptors. solution to extend the number of workstations
Ip routed network diagram (to any host within the network) This arrangement is more flexible
Site protection – Ip routed • Given in the previous slide, the machines (server and workstations) are within the protected boundary of the site. • The in-line encryptors are used to further to protect from unnecessary physical access. (messages are encrypted.)
Site Protection – Unsafe arrangement • The workstation out of physical protection is unsafe.
Key Recovery – how to get the key • The protection of in-line encryptors lies in the key used. • Key recovery means the keys that are used to encrypt the data is recovered by someone else without notice.
Escrowed Encryption No need to memorise • Escrowed encryption is the system or method by which secret keys are stored to be used for key recovery. • That is to say, the secret keys are held in escrow (a separate organisation) until an authorised person (FBI or CIA in US) accesses it. • There is no commercial value as the encryption lasts for the transfer of data, but is used by government to decrypt the encrypted message (for anti-terrorism).
Example – sequence no need to memorise • The FBI first stores the ciphertext and then uses the family key (product of in-line encryptor) to obtain the session key. • Different manufacturer will produce different family keys for their products • FBI then approaches escrow agency to obtain the sender’s key based on device ID. • FBI then use the key to together with the session key to decrypt the ciphertext.
Summary • Link Security – between two parties, layer 2 • Link security objectives – extend the security coverage • In-line encryptor – a pair of devices, to encrypt/decrypt message, there is no need to configure, and no need to encrypt document, it is done by the in-line encryptors. • Point to point – there is a limitation of the use of in-line encryptor, only to known location, The solution is to extend by IP routed • Key Recovery - less common in business, but is required by U.S. law to recover ciphertext for in-line encryptors
Next Week IPSec (Security at the IP Layer, Layer 3) In-line encryptor This Week