06 protocols2
-
Upload
mikko-saerelae -
Category
Internet
-
view
218 -
download
1
Transcript of 06 protocols2
![Page 1: 06 protocols2](https://reader033.fdocuments.net/reader033/viewer/2022042818/55ae2dc41a28abb5108b47e1/html5/thumbnails/1.jpg)
PROTOCOLSDr. Mikko Särelä
![Page 2: 06 protocols2](https://reader033.fdocuments.net/reader033/viewer/2022042818/55ae2dc41a28abb5108b47e1/html5/thumbnails/2.jpg)
Discuss with your neighbors what is a
protocol?
![Page 3: 06 protocols2](https://reader033.fdocuments.net/reader033/viewer/2022042818/55ae2dc41a28abb5108b47e1/html5/thumbnails/3.jpg)
The term protocol is derived from the Greek word protokollan (first
glue)
![Page 4: 06 protocols2](https://reader033.fdocuments.net/reader033/viewer/2022042818/55ae2dc41a28abb5108b47e1/html5/thumbnails/4.jpg)
A protocol is a rule which describes how an
activity should be performed
![Page 5: 06 protocols2](https://reader033.fdocuments.net/reader033/viewer/2022042818/55ae2dc41a28abb5108b47e1/html5/thumbnails/5.jpg)
Communications protocol, a set of rules and regulations that determine how data is
transmitted in telecommunications and computer networking
![Page 6: 06 protocols2](https://reader033.fdocuments.net/reader033/viewer/2022042818/55ae2dc41a28abb5108b47e1/html5/thumbnails/6.jpg)
TLS
![Page 7: 06 protocols2](https://reader033.fdocuments.net/reader033/viewer/2022042818/55ae2dc41a28abb5108b47e1/html5/thumbnails/7.jpg)
TLS HANDSHAKE SIMPLIFIED
C →S : {C, NC , C#}
![Page 8: 06 protocols2](https://reader033.fdocuments.net/reader033/viewer/2022042818/55ae2dc41a28abb5108b47e1/html5/thumbnails/8.jpg)
TLS HANDSHAKE SIMPLIFIED
C →S : {C, NC , C#} Client sends to server S its name C, 28 bit random nonce NC and transaction serial number C# to server with a list of supported cipher suites (Client Hello)
![Page 9: 06 protocols2](https://reader033.fdocuments.net/reader033/viewer/2022042818/55ae2dc41a28abb5108b47e1/html5/thumbnails/9.jpg)
TLS HANDSHAKE SIMPLIFIED
C →S : {C, NC , C#} Client sends to server S its name C, 28 bit random nonce NC and transaction serial number C# to server with a list of supported ciphersuites (Client Hello)
S →C :{S, NS , CS, S#} Server chooses cipher suite, replies to client with server's 28 bit random nonce and server certificate with either RSA or Diffie-Hellman public key (depends on chosen cipher suite) (Server Hello), Transaction serial number s#
client usually checks certificate validity using Certificate Revocation List (CRL) or Online Certificate Status Protocol (OCSP)
C →S : {K0}KS Client sends key exchange-message to server. K0 is key material.
C → S : {finished,MAC(K1, everythingtodate)}KCS Client sends finished message containing message authentication code (MAC) computed on all the messages sent by client to date. This Mac is calculated using master-secret K1, which is computed by hashing pre-master —secret key with client and server nonces. K1 = h(KCS,NC,NS). All traffic after this is encrypted using KCS from clinet to server and KSC from server to Client
S→C:{finished,MAC(K1,everythingtodate)}KSC,{data}KSC Server sends finished message with MAC computed on all server to client send messages to date. Server starts to send data encrypted with KSC key.
![Page 10: 06 protocols2](https://reader033.fdocuments.net/reader033/viewer/2022042818/55ae2dc41a28abb5108b47e1/html5/thumbnails/10.jpg)
MIDDLEBOXES AND PROTOCOL SECURITY
Mikko Särelä, Yki Kortesniemi
Perustuu osittain Markus Peuhkurin aineistoon
![Page 11: 06 protocols2](https://reader033.fdocuments.net/reader033/viewer/2022042818/55ae2dc41a28abb5108b47e1/html5/thumbnails/11.jpg)
OVERVIEW
•Recap on certificates
•Denial of Service
•Middleboxes
•Security protocols
![Page 12: 06 protocols2](https://reader033.fdocuments.net/reader033/viewer/2022042818/55ae2dc41a28abb5108b47e1/html5/thumbnails/12.jpg)
RECAP
![Page 13: 06 protocols2](https://reader033.fdocuments.net/reader033/viewer/2022042818/55ae2dc41a28abb5108b47e1/html5/thumbnails/13.jpg)
CIA MODELReminder CIA =
- Confidentiality- Integrity- Availability
•Often amended with- Authentication- Non-Repudiation
![Page 14: 06 protocols2](https://reader033.fdocuments.net/reader033/viewer/2022042818/55ae2dc41a28abb5108b47e1/html5/thumbnails/14.jpg)
KEYS ARE THE PROBLEM
Crypto algorithms are, in general, secure
The real problem is key management
All the security relies on keys being kept secure
How do we securely e.g. agree on/distribute, store and use keys?
![Page 15: 06 protocols2](https://reader033.fdocuments.net/reader033/viewer/2022042818/55ae2dc41a28abb5108b47e1/html5/thumbnails/15.jpg)
CERTIFICATES...
Fixed form, signed
X.509, CA, validation, revocation, CRL
Authorization certificates
Delegation, chains, loops, chain recovery
Self-signed certificates, trust, reputation
![Page 16: 06 protocols2](https://reader033.fdocuments.net/reader033/viewer/2022042818/55ae2dc41a28abb5108b47e1/html5/thumbnails/16.jpg)
Key Authorization
Name
Authorization certificate
e.g. SPKI
Name or identity certificate
e.g. X.509
ACL or attribute
certificate
Subject (person /
computer / software agent)
has
uses
![Page 17: 06 protocols2](https://reader033.fdocuments.net/reader033/viewer/2022042818/55ae2dc41a28abb5108b47e1/html5/thumbnails/17.jpg)
MIDDLEBOXES
![Page 18: 06 protocols2](https://reader033.fdocuments.net/reader033/viewer/2022042818/55ae2dc41a28abb5108b47e1/html5/thumbnails/18.jpg)
FIREWALL• Divides network into two (or more) parts with different security policy
- internal network ⇔ Internet- engineering ⇔ accounting: the other network need not be a less
secure one that the other one. They just have different security policies or different assets to protect.
- internal network ⇔ public servers ⇔ Internet - building automation ⇔ VoIP ⇔ surveillance system
• Enforces security policy - allowed traffic- prohibited traffic
• Refer to IPSec security policy database (SPD): traffic is bypassed, discarded, or bypassed as protected.
• May have additional roles, such as a VPN endpoint
![Page 19: 06 protocols2](https://reader033.fdocuments.net/reader033/viewer/2022042818/55ae2dc41a28abb5108b47e1/html5/thumbnails/19.jpg)
FIREWALL TYPES•Packet-filtering
- router ACL
•Stateful keeps track on connections- Timeouts
•Application gateway interpret connection on application level
•Host-based
•Hybrid
![Page 20: 06 protocols2](https://reader033.fdocuments.net/reader033/viewer/2022042818/55ae2dc41a28abb5108b47e1/html5/thumbnails/20.jpg)
FIREWALL TOPOLOGIES
– has to have some timeout mechanism as the state space is limited. Some attacksmay exhaust state space. � random disconnections
• possible to accept related connections: some protocols need an application gateway.
Application gateway interpret connection on application level
• checks if application tra⇤c is valid
• protects from a simple port changes like running ssh protocol on port 443 (https).
• may provide a payload inspection to detect malicious payload
• proxy servers
– call-out
– in-line (transparent)
Address-translation between internal numbering and external addresses
• using NAPT provides same security as prohibiting incoming TCP and UDP
• internal topology can be hidden
Host-based or software firewalls add on application security
• completes application security and access control
• possibly user- and application-level control
Hybrid use combination of di�erent types for performance
• check start of connection with application gateway, switch to stateful filtering� betterperformance as the bulk of tra⇤c is handled by the fast path.
Firewall topologies
Internet private network
packet filter
packet filter
Internet
bastion host
serverDMZ
packet filter
Internet
packet filter
bastion host
server
modem / WLAN
Internet
bastion host
server
Building firewall rules
• Defining default policy
– “everything not prohibited is allowed”
∗ “router” ACL
∗ enumerate vulnerable services and protect them
– “everything not allowed is prohibited”
∗ enumerate need and safe services and allow only those
2
![Page 21: 06 protocols2](https://reader033.fdocuments.net/reader033/viewer/2022042818/55ae2dc41a28abb5108b47e1/html5/thumbnails/21.jpg)
WHAT FIREWALL PROTECTS AND WHAT NOT
• Protects - from known, vulnerable protocols- static network configuration
• Does not protect for / from- executable/active content, unless has integrated virus
scanner that detects it, often targeted attacks go undetected- malicious insider loopholes: modems, WLAN, mobile
networks - carry-in/out attacks such as notebooks, mass storage, rogue
WLAN APs - new attacks using applications previously considered safe - most DoS attacks
• “hard perimeter, mellow inside”
![Page 22: 06 protocols2](https://reader033.fdocuments.net/reader033/viewer/2022042818/55ae2dc41a28abb5108b47e1/html5/thumbnails/22.jpg)
NAT
•Address-translation between internal numbering and external addresses- Internal topology can be hidden- using NAPT provides same security
as prohibiting incoming TCP and UDP
![Page 23: 06 protocols2](https://reader033.fdocuments.net/reader033/viewer/2022042818/55ae2dc41a28abb5108b47e1/html5/thumbnails/23.jpg)
INTRUSION DETECTION/PREVENTION
• How to make sure that the firewall is not leaking?• How to detect internal attacks?• IDS (Intrusion Detection System) is designed to
- detect, - identify, and- report malicious activity
• IDS can be located different places- application - host - network
![Page 24: 06 protocols2](https://reader033.fdocuments.net/reader033/viewer/2022042818/55ae2dc41a28abb5108b47e1/html5/thumbnails/24.jpg)
INTRUSION PREVENTION SYSTEMS (IPS)
•IDS with an automatic response
•Suffers from a large number of false alerts ⇒ may result denial of service
•A firewall with automatic ACL update
•Virus scanners are host-based IPS
•Still at early stages- does not stop vendors from marketing. . .
![Page 25: 06 protocols2](https://reader033.fdocuments.net/reader033/viewer/2022042818/55ae2dc41a28abb5108b47e1/html5/thumbnails/25.jpg)
HONEYPOTS
•A false system similar to production system
•Used as part of IDS - to study how attacker behaves
•How to keep an attacker from telling the difference from a real system
![Page 26: 06 protocols2](https://reader033.fdocuments.net/reader033/viewer/2022042818/55ae2dc41a28abb5108b47e1/html5/thumbnails/26.jpg)
SECURITY PROTOCOLS
![Page 27: 06 protocols2](https://reader033.fdocuments.net/reader033/viewer/2022042818/55ae2dc41a28abb5108b47e1/html5/thumbnails/27.jpg)
SECURITY AND NETWORK LAYERS
1. Physical layer
2. Data link layer
3. Network layer
4. Transport layer
![Page 28: 06 protocols2](https://reader033.fdocuments.net/reader033/viewer/2022042818/55ae2dc41a28abb5108b47e1/html5/thumbnails/28.jpg)
LAYER AFFECTS SECURITY
Data link layer can only offer secure links
Network layer and above can offer end-to-end security
![Page 29: 06 protocols2](https://reader033.fdocuments.net/reader033/viewer/2022042818/55ae2dc41a28abb5108b47e1/html5/thumbnails/29.jpg)
SECURITY AND NETWORK LAYERS
Physical layer
Data link layerGSM A5, WPA2
Network layerIPSec
Transport layerTLS/SSL
![Page 30: 06 protocols2](https://reader033.fdocuments.net/reader033/viewer/2022042818/55ae2dc41a28abb5108b47e1/html5/thumbnails/30.jpg)
ASSIGNMENTS
Write lecture log (1-2 pages) and ponder what you learned.
Read Hardin’s Tragedy of the Commons and write an essay where you consider how tragedy of the commons relates to information, network, and protocol security.