Network Security - Lecture 30

runs on SSH Transport Layer Protocol assumes secure authentication connection used for multiple logical channels SSH communications use separate channels either side can open with unique id number flow controlled have three stages: opening a channel, data transfer, closing a channel four types: session, x11, forwarded-tcpip, direct-tcpip.

pptx37 trang | Chia sẻ: dntpro1256 | Lượt xem: 725 | Lượt tải: 0download
Bạn đang xem trước 20 trang tài liệu Network Security - Lecture 30, để xem tài liệu hoàn chỉnh bạn click vào nút DOWNLOAD ở trên
Network SecurityLecture 30Presented by: Dr. Munam Ali Shah Part 3Internet Security (Last lecture of last Part)Summary of the Previous LectureWe had a discussion about following topicsEmail SecurityPretty Good PrivacyWhy PGP is famousPGP OperatingMessage generationMessage ReceptionInternet Mail ArchitectureEmail Threats Outlines of today’s lectureSecure Socket Layer (SSL)ArchitectureConnectionSessionRecord Protocol ServiceRecord Protocol operationThree SSL-specific protocols that use the SSL Record ProtocolSSL Change Cipher Spec ProtocolAlert ProtocolHandshake ProtocolIntegrating SSL/TLS with HTTP  HTTPSHTTPS and SSHObjectivesYou would be able to present an understanding of how web security is achieved through different protocols.You would be able demonstrate knowledge about SSH, HTTPS, TLS etc.Web SecurityWeb now widely used by business, government, individualsbut Internet & Web are vulnerablehave a variety of threatsintegrityconfidentialitydenial of serviceauthenticationneed added security mechanismsWeb Traffic Security ApproachesA number of approaches to providing Web security are possible. The various approaches that have been considered are similar in the services they provide and, to some extent, in the mechanisms that they use, but they differ with respect to their scope of applicability and their relative location within the TCP/IP protocol stack.SSL (Secure Socket Layer)Transport layer security serviceoriginally developed by Netscapeversion 3 designed with public inputsubsequently became Internet standard known as TLS (Transport Layer Security)uses TCP to provide a reliable end-to-end serviceSSL has two layers of protocolsSSL ArchitectureThe SSL Record Protocol provides basic security services to various higher-layer protocols. In particular, the Hypertext Transfer Protocol (HTTP), which provides the transfer service for Web client/server interaction, can operate on top of SSL. Three higher-layer protocols are also defined as part of SSL: the Handshake Protocol, Change Cipher Spec Protocol, and Alert Protocol. These SSL-specific protocols are used in the management of SSL exchanges.SSL ArchitectureSSL connectiona transient, peer-to-peer, communications linkassociated with 1 SSL sessionSSL sessionan association between client & servercreated by the Handshake Protocoldefine a set of cryptographic parametersmay be shared by multiple SSL connectionsSSL Record Protocol Servicesconfidentialityusing symmetric encryption with a shared secret key defined by Handshake ProtocolAES, IDEA, RC2-40, DES-40, DES, 3DES, Fortezza, RC4-40, RC4-128message is compressed before encryptionmessage integrityusing a MAC with shared secret keysimilar to HMAC but with different paddingSSL Record Protocol OperationThe Record Protocol takes an application message to be transmitted, fragments the data into manageable blocks, optionally compresses the data, computes and appends a MAC (using a hash very similar to HMAC), encrypts (using one of the symmetric algorithms listed on the previous slide), adds a header (with details of the SSL content type, major/minor version, and compressed length), and transmits the resulting unit in a TCP segment. Received data are decrypted, verified, decompressed, and reassembled and then delivered to higher-layer applicationsSSL Change Cipher Spec ProtocolOne of 3 SSL specific protocols which use the SSL Record protocola single messagecauses pending state to become currenthence updating the cipher suite in useSSL Alert Protocolconveys SSL-related alerts to peer entityseveritywarning or fatalspecific alertfatal: unexpected message, bad record mac, decompression failure, handshake failure, illegal parameterwarning: close notify, no certificate, bad certificate, unsupported certificate, certificate revoked, certificate expired, certificate unknowncompressed & encrypted like all SSL dataSSL Handshake Protocolallows server & client to:authenticate each otherto negotiate encryption & MAC algorithmsto negotiate cryptographic keys to be usedcomprises a series of messages in phasesEstablish Security CapabilitiesServer Authentication and Key ExchangeClient Authentication and Key ExchangeFinishSSL Handshake ProtocolTLS (Transport Layer Security)IETF standard RFC 2246 similar to SSLv3with minor differencesin record format version numberuses HMAC for MACa pseudo-random function expands secretsbased on HMAC using SHA-1 or MD5has additional alert codessome changes in supported cipherschanges in certificate types & negotiationschanges in crypto computations & paddingIntegrating SSL/TLS with HTTP  HTTPSTwo complicationsWeb proxiessolution: browser sendsCONNECT domain-namebefore client-hello (dropped by proxy)Virtual hosting:two sites hosted at same IP address.solution in TLS 1.1 (RFC 4366)client_hello_extension: server_name=cnn.comimplemented in FF2 and IE7 (vista)web proxyweb servercorporate networkweb servercertCNNcertFOXclient-helloserver-cert ???Why is HTTPS not used for all web traffic?Slows down web serversBreaks Internet cachingISPs cannot cache HTTPS trafficResults in increased traffic at web siteIncompatible with virtual hosting (older browsers) LETS SEE “HTTPS IN THE BROWSER”The lock icon: SSL indicatorIntended goal:Provide user with identity of page originIndicate to user that page contents were not viewed or modified by a network attackerIn reality:Origin ID is not always helpful example: Stanford HR is hosted at BenefitsCenter.comMany other problemsWhen is the (basic) lock icon displayedAll elements on the page fetched using HTTPS (with some exceptions)For all elements:HTTPS cert issued by a CA trusted by browserHTTPS cert is valid (e.g. not expired)CommonName in cert matches domain in URLThe lock UI: help users authenticate siteIE7:The lock UI: help users authenticate siteFirefox 3:(SSL)(no SSL)The lock UI: help users authenticate siteFirefox 3: clicking on bottom lock icon givesThe lock UI: Extended Validation (EV) Certs Harder to obtain than regular certs requires human lawyer at CA to approve cert request Designed for banks and large e-commerce sites Helps block “semantic attacks”: www.bankofthevvest.comA general UI attack: picture-in-pictureHTTPSHTTPS (HTTP over SSL) combination of HTTP & SSL/TLS to secure communications between browser & serverdocumented in RFC2818no fundamental change using either SSL or TLSuse https:// URL rather than port 443 rather than 80encryptsURL, document contents, form data, cookies, HTTP headersHTTPS Useconnection initiationTLS handshake then HTTP request(s)connection closurehave “Connection: close” in HTTP recordTLS level exchange close_notify alertscan then close TCP connectionmust handle TCP close before alert exchange sent or completedSecure Shell (SSH)protocol for secure network communicationsdesigned to be simple & inexpensiveSSH1 provided secure remote logon facilityreplace TELNET & other insecure schemesalso has more general client/server capabilitySSH2 fixes a number of security flawsdocumented in RFCs 4250 through 4254SSH clients & servers are widely availablemethod of choice for remote login/ X tunnelsSSH Protocol StackSSH Transport Layer Protocolserver authentication occurs at transport layer, based on server/host key pair(s)server authentication requires clients to know host keys in advance packet exchangeestablish TCP connection can then exchange dataidentification string exchange, algorithm negotiation, key exchange, end of key exchange, service requestusing specified packet formatSSH User Authentication Protocolauthenticates client to serverthree message types:SSH_MSG_USERAUTH_REQUESTSSH_MSG_USERAUTH_FAILURE SSH_MSG_USERAUTH_SUCCESSauthentication methods usedpublic-key, password, host-basedSSH Connection Protocolruns on SSH Transport Layer Protocolassumes secure authentication connectionused for multiple logical channelsSSH communications use separate channelseither side can open with unique id numberflow controlledhave three stages:opening a channel, data transfer, closing a channelfour types:session, x11, forwarded-tcpip, direct-tcpip.SSH Connection Protocol ExchangeSummaryHave discussed:Need for web securitySSL/TLS transport layer security protocolsHTTPSSecure shell (SSH)Next lecture topicsOur course “Network Security” finishes here.We will revise the entire course of network security in next two lectures, i.e., Lecture 31 and 32.The End

Các file đính kèm theo tài liệu này:

  • pptxnetwork_security_29_0907_2027072.pptx
Tài liệu liên quan