Computer networks 1 - Chapter 13: Network security
PGP is a complete e-mail security package
that provides privacy, authentication, digital
signatures, and compression
PGP encrypts data by using a block cipher
called IDEA (International Data Encryption
Algorithm), which uses 128-bit keys
Key management uses RSA and data
integrity uses MD5
PGP supports text compression, secrecy, and
digital signatures
71 trang |
Chia sẻ: nguyenlam99 | Lượt xem: 796 | Lượt tải: 0
Bạn đang xem trước 20 trang tài liệu Computer networks 1 - Chapter 13: Network security, để xem tài liệu hoàn chỉnh bạn click vào nút DOWNLOAD ở trên
1
Chapter 13:
Network Security
Advanced Principal Concepts
Samples and Techniques
Foundation Summary
Question and Answer
HCM City University of Technology
Department of Computer Science and
Engineering
Reference:
Chapter 8 - “Computer Networks”, Andrew S. Tanenbaum, 4th Edition,
Prentice Hall, 2003.
2
Introduction
Network security is looming on the horizon
as a potentially massive problem
Studying network security from several
angles
Pointing out numerous pitfalls
Discussing many algorithms and protocols
for making networks more secure
Most security problems are intentionally
caused by malicious people trying to gain
some benefit, get attention, or to harm
someone
3
Security in Brief
It is concerned with...
Making sure that nosy people cannot read, or secretly
modify messages intended for other recipients
People trying to access remote services that they are
not authorized to use
The problems of legitimate messages being captured
and replayed
People trying to deny that they sent certain messages
Four intertwined areas: secrecy, authentication,
nonrepudiation, and integrity control
4
Most Common Perpetrators
5
Outline
Cryptography
Introduction
Symmetric-key algorithms
Public-key algorithms
Digital Signatures
Management of Public Keys
Apply to Computer Networks
Terms: Authentication, Authorization,
Message Protection
Secure Sockets Layer (SSL)
6
Part 1:
Cryptography
Advanced Principal Concepts
Samples and Techniques
Foundation Summary
Question and Answer
HCM City University of Technology
Department of Computer Science and
Engineering
Reference:
Chapter 8 - “Computer Networks”, Andrew S. Tanenbaum, 4th Edition,
Prentice Hall, 2003.
7
Outline
Cryptography
Introduction
Symmetric-key algorithms
Public-key algorithms
Digital Signatures
Management of Public Keys
8
Introduction
A cipher is a character-for-character or bit-for-bit
transformation
A code replaces one word with another word
or symbol
Cryptography (or encryption): the process of
converting ordinary information (plaintext) into
unintelligible gibberish (ciphertext)
Cryptanalysis: The methods of breaking ciphers
Cryptanalyst: people search to break ciphers
Cryptology: the science on Cryptography
9
Notation
P: Plaintext
C: Ciphertext
E: Encryption
D: Decryption
K: Key
R: Random
Number
t: timestamp
Kerchkhoff's
principle:
All algorithms
must be public;
only the keys
are secret
10
Crytography
11
Work Factor
Real secrecy is in the key, its length is a
major design issue
Encryption methods:
Substitution ciphers: each letter or group of
letters is replaced by another letter or group of
letters to disguise it
Transposition ciphers: reorder the letters but
do not disguise them
12
Substitution Ciphers
Caesar cipher. Key = 3. attack = DWWDFN
Ex: attack=QZZQEA
Ex: financial, begins at position 30
13
Transposition Ciphers
The ciphertext is read out by columns,
starting with the column whose key letter is
the lowest
14
One-Time Pads
Write the message: “I love you.” in binary
A one-time pad, pad 1, is randomly chosen
XORed with the message to get the
ciphertext
15
Fundamental Cryptographic
Principles
Messages must contain some redundancy,
so that active intruders cannot send random
junk and have it be interpreted as a valid
message
Some method is needed to foil replay
attacks: ensure that each message received
can be verified as being fresh, for example
including in every message a timestamp
valid
16
Symmetric-Key Algorithms
Encryption and
decryption functions
that use the same key
are called symmetric
Block ciphers: which
take an n-bit block of
plaintext as input and
transform it using the
key into n-bit block of
ciphertext
Ex: DES, AES
Encrypt
Decrypt
17
Basic Elements of Product
Ciphers (Hardware)
Cryptographic algorithms can be
implemented in either hardware (for speed)
or in software (for flexibility)
Ex: input=64, 256 bit, and 18 physical
stages
18
Data Encryption Standard (DES)
1977: U.S. Government adopted a product cipher
DES developed by IBM
Plaintext block = 64 bits, ciphertext block = 64
bits, key = 56-bit, round = 19 stages
All the complexity lies in the function:
f(Ri-1,Ki)
In each of the 16 iterations, a different key is used
Diffie and Hellman (1977), designed a machine
to break DES (256-entry key space) for 20 million
dollars in under 1 day
19
DES Principles
20
Triple DES
1979, IBM realized that the DES key length
was too short, devised triple encryption
112-bit key is adequate, backward
compatibility with existing
21
Advanced Encryption Standard
(AES)
1997: NIST (National Institute of Standards and
Technology) sponsored a cryptographic contest
Rules for AES proposals
The algorithm must be a symmetric block cipher
The full design must be public
Key lengths of 128, 192, and 256 bits supported
Both software and hardware implementations required
The algorithm must be public or licensed on
nondiscriminatory terms
Criterias: Security, efficiency, simplicity, flexibility, and
memory requirements
22
AES Principles
2001: Rijndael (Joan Daemen and Vicent Rijmen)
algorithm = FIPS 197
Key length = 128; 192; 256 bits (minimum key
space of 2128 = 3 x 1038 keys)
Block size = 128 bits
Rijndael uses substitution and permutations, and
it also uses multiple rounds
All operations involve entire bytes, to allow for
efficient implementations in both hardware and
software
23
AES Round Processing
24
Electronic Code Book Mode
Divide input to block with 64bit, the last block is padded if
needed
32-byte: name=16 bytes , position=8 bytes and bonus=8
bytes
Each 8-byte block is encrypted by (triple) DES
25
Cipher Block Chaining Mode
Each plaintext block is XORed with the
previous ciphertext block before being
encrypted
C0 = E(P0 XOR IV), Ci = E(Pi XOR Ci-1)
26
Cipher Feedback Mode
For byte-by-byte encryption, DES algorithm operates on
the 64-bit shift register to generate a 64-bit ciphertext
27
Stream Cipher Mode
Encrypting an initialization vector (IV), using a
key to get an output block,...The sequence of
output blocks, called the keystream
1-bit error in the transmitted ciphertext
generates only a 1-bit error in the decrypted
plaintext
28
Counter Mode
Plaintext is not encrypted directly
Easy to decrypt a block anywhere in the file
without first having to decrypt all of its
predecessors
29
Common Symmetric-Key
Cryptographic Algorithms
30
Cryptanalysis
Differential cryptanalysis: used to attack
any block cipher
Linear cryptanalysis: break DES with only
243 known plaintexts
Electrical power consumption: find secret
keys by monitoring power consumed by
each machine instruction
Timing analysis: deduce the round keys by
seeing how long various programming steps
take
31
Public-Key Algorithms
Also called Asymmetric-Key Algorithms
Based on some hard problems such as integer factoring,
When data is encrypted with one key, the other key must be used to
decrypt the data, and vice versa
Each entity can be assigned a key pair: a private and public key
Private key is
known only to
owner
Public key is
given away to
the world
32
RSA (Rivest, Shamir, Adleman)
Choose two large
primes, p and q
(typically 1024 bits)
Compute n = p x q and z
= (p - 1) x (q - 1)
Choose a number
relatively prime to z and
call it, d
Find e such that (e x d)
= (1 mod z)
Pair key: {Public(e, n),
Private(d,n)}
0 <= P < n, 2k < n
Encryption: C = Pe
(mod n)
Decryption: P = Cd
(mod n)
33
RSA Example
Example: p = 3, q = 11 → n = 33, z = 20, choose d = 7
→ e = 3
34
RSA Notes
The method is based on the difficulty of
factoring large numbers
Ex: Factoring a 500-digit number requires
1025 years using brute force
RSA is too slow for actually encrypting
large volumes of data
Most RSA-based systems use public-key
cryptography primarily for distributing one-
time session keys for use with some
symmetric-key algorithm such as AES or
triple DES
35
Digital Signature Introduction
Conditions:
Receiver can verify the claimed identity of
sender
Sender cannot later repudiate the contents of
the message
Receiver cannot possibly have concocted the
message himself
Authenticity of many legal, financial, and other
documents is determined by the presence or absence of
an authorized handwritten signature
36
Symmetric-Key Signatures
A central authority that knows everything
and whom everyone trusts (ex: BB)
Each user then chooses a secret key and
carries it by hand to BB's office
37
Public-Key Signatures
Alice can send a signed plaintext message,
P, to Bob
Bob receives the message, he transforms it
using his private key, then applies EA to get
the original plaintext
38
Digital Signature Principle
Digital signatures
are created by
encrypting a hash
of the data with
private key
The resulting
encrypted data is
the signature
This hash can then
only be decrypted
by public key
Hash
Encrypt
39
Digital Signatures Verification
Given some data with signature, if someone
decrypt a signature with public key and get
the hash of the data, they know it was
encrypted with private key
Hash
=? Decrypt
40
Message Digests (MD)
One-way hash function properties:
Given P, it is easy to compute MD(P).
Given MD(P), it is effectively impossible to
find P.
Given P no one can find P' such that MD (P')
= MD(P).
A change to the input of even 1 bit produces a
very different output
41
MD Characteristics
Computing a MD is much faster than
encrypting a plaintext with a public-key
algorithm
Authentication scheme that does not require
encrypting the entire message:
Alice first computes the message digest of her
plaintext
She then signs the message digest and sends both the
signed digest and the plaintext to Bob
If Trudy replaces P underway, Bob will see this when
he computes MD(P) himself
42
MD5
Designed by Ronald Rivest
Every output bit is affected by every input bit
Padding the message to a length multiple of 448 bits
Original length of the message is appended as a 64-bit integer to
give a total input whose length is a multiple of 512 bits
Each round takes a 512-bit block of input and mixes it
thoroughly with the 128-bit buffer
The contents of the 128-bit buffer form the message digest
December 2008, "should be considered cryptographically broken
and unsuitable for further use"
MD5("The quick brown fox jumps over the lazy dog")
= 9e107d9d372bb6826bd81d3542a419d6
43
Secure Hash Algorithm 1
(SHA-1)
Developed by NSA
SHA-1 processes input data in 512-bit blocks
It generates a 160-bit message digest
2008, can be break theoretically within 2^51 op
44
Management of Public keys
How do you know that you have a correct
public key?
Certificates
Some mechanism is needed to make sure
that public keys can be exchanged securely
user
Subject
Public Key
Issuer (CA)
Signature of CA
Private Key
(encrypted)
45
Certificate
Job of a certificate is to bind a public key to
the name of a principal (individual,
company,...)
Certificates themselves are not secret or
protected
Certificate can also be used to bind a public
key to an attribute
46
Checking a Certificate
By checking the signature, one can
determine that a public key belongs to a
given user
Subject
Public Key
Issuer
Signature
Hash
=?
Decrypt
Public Key from
Issuer
47
Public-Key Infrastructure (PKI)
48
PKI Components
PKI has multiple components, including
users, CAs, certificates, and directories
PKI provides a way of structuring these
components and define standards for the
various documents and protocols
A chain of certificates going back to the root
(trust anchors) is called a chain of trust or
a certification path
CRL (Certificate Revocation List) giving
the serial numbers of all certificates that it
49
Part 2:
Apply to Computer Networks
Advanced Principal Concepts
Samples and Techniques
Foundation Summary
Question and Answer
HCM City University of Technology
Department of Computer Science and
Engineering
Reference:
Chapter 8 - “Computer Networks”, Andrew S. Tanenbaum, 4th Edition,
Prentice Hall, 2003.
50
Outline
Terms
Authentication
Authorization
Message Protection
Secure Sockets Layer (SSL)
E-mail security
Web Security
51
Communication Security
Most security experts believe that to be
really secure, encryption and integrity
checks have to be end to end (i.e., in the
application layer)
It requires changing all the applications to
make them security aware
Next best approach is putting encryption in
the transport layer or in a new layer between
the application layer and the transport layer
52
IPSec
Complete IPsec design is a framework for
multiple services, algorithms and
granularities
Rather than make it optional, it was decided
to require encryption all the time but permit
the use of a null algorithm
It is in the IP layer, it is connection oriented
A ''connection'' in the context of IPsec is
called an SA (security association)
53
IPSec Components
IPsec has two principal parts:
Two new headers that can be added to packets
to carry the security identifier, integrity
control data, and other information
ISAKMP (Internet Security Association and
Key Management Protocol) deals with
establishing keys
Two modes:
Transport mode
Tunnel mode
54
IPSec Authentication Header
AH (Authentication Header) provides
integrity checking and antireplay security,
but not secrecy (i.e., no data encryption)
HMAC (Hashed Message Authentication
Code)
55
Firewalls
Keep ''good'' bits in and ''bad'' bits out
IPsec does nothing to keep digital pests and
intruders from getting onto the company
LAN
All traffic to or from the company is forced
through an electronic drawbridge (firewall)
Packet filters are typically driven by tables
configured by the system administrator
56
Packet Filter
57
Virtual Private Networks
58
VPN Feature
Private networks work fine and are very
secure with leased lines
Many companies wanted to move their data
traffic to the public network
VPNs are overlay networks on top of public
networks but with most of the properties of
private networks
VPNs can be implemented on top of ATM,
Frame Relay, or directly over the Internet
59
Authentication Protocols
Verification of identity in the face of a
malicious active intruder or impostor
Complex protocols based on cryptography
Many mechanisms exist:
Username/password
Challenge-response protocol
Kerberos
Public-key Cryptography
60
Challenge-Response Protocol
A, B are the identities of Alice and Bob
Ri's are the challenges, where the subscript
identifies the challenger
Ki are keys, where i indicates the owner
KS is the session key
61
Authentication Using Kerberos
Designed at M.I.T. to allow workstation
users to access network resources in a
secure way
Kerberos involves three servers:
Authentication Server (AS): verifies users
during login
Ticket-Granting Server (TGS): issues ''proof
of identity tickets''
Bob the server: actually does the work Alice
(a client workstation) wants performed
62
Operation of Kerberos V4
63
Authentication Using Public-Key
Cryptography
64
Authorization
Verification of rights
Many mechanisms exist for specification
and enforcement:
By operating system (e.g., unix file
permissions)
By application (e.g., permissions within a
DBMS)
Usually requires authentication, but doesn’t
always
65
Message Protection
Integrity
Authenticate the message
Verify that the message received is the same
message that was sent
A signature is a message integrity mechanism
that can be verified even if the sender is
offline
Confidentiality
Ensure that no one but the sender and
recipient can read the message
66
Secure Sockets Layer (SSL)
SSL builds a secure
connection between
two sockets
Parameter
negotiation between
client and server
Mutual
authentication of
client and server
Secret
communication
Data integrity
67
SSL Connection Establishment
68
Data Transmission using SSL
69
PGP — Pretty Good Privacy
PGP is a complete e-mail security package
that provides privacy, authentication, digital
signatures, and compression
PGP encrypts data by using a block cipher
called IDEA (International Data Encryption
Algorithm), which uses 128-bit keys
Key management uses RSA and data
integrity uses MD5
PGP supports text compression, secrecy, and
digital signatures
70
Mail Security (PGP)
71
Web Security (HTTPs)
Các file đính kèm theo tài liệu này:
- cn1_lecture13_0877.pdf