Information and Network Security Rudra Dutta CSC 401- Fall 2011, Section 001.

Information and Network Information and Network SecuritySecurity

Rudra DuttaCSC 401- Fall 2011, Section 001

Network SecurityNetwork Security Based on concepts of information security

– Complementary to: physical security of networks and endpoints

– Also related to: human security

Comparatively recent concern with security in networks

Various “attackers” or “malcontents” at various levels of seriousness, frequency, ability

Overarching goal – no single place (many vulnerabilities)

No such thing as 100% security2Copyright Rudra Dutta, NCSU, Fall 2011

Components of StudyComponents of Study Basic concerns

– Confidentiality, authentication, non-repudiation, integrity

– Availability, authorization

Fundamental tools– Cryptography

Building blocks– Signatures, certifications, …

Protocols / architectures– IPSec, firewall, VPN, PGP, SSL, Shibboleth …

Emerging trend: trust managementCopyright Rudra Dutta, NCSU, Fall 2011 3

Security ConcernsSecurity Concerns Confidentiality (Secrecy, Privacy)

– Nobody but intended recipient should know content– “Person-in-the-middle” possibility in networks

Authentication– Confidence in recognizing trusted or known entity

Non-repudiation– Inability to claim innocence of past action

Integrity– Message received same as message sent

Availability– Infrastructure / resource available to genuine use

Authorization– Policy form of confidentiality

Copyright Rudra Dutta, NCSU, Fall 2011 4

CryptographyCryptography

DK ( EK ( P ) ) = P (symmetric-key)

“Algorithm is public, only keys are secret” Attacks: (i) ciphertext-only, (ii) known-plaintext,

(iii) chosen-plaintextCopyright Rudra Dutta, NCSU, Fall 2011 5

Ciphers as TransformationCiphers as Transformation

6Copyright Rudra Dutta, NCSU, Fall 2011

Simple substitution cipher– More advanced ones possible

Fundamental principles:– Messages must contain some redundancy– Some method is needed to foil replay attacks

The first implies that plaintext “space” must be large and sparsely used – can use cryptographic hashes

The second shows the need of timestamp or equivalent Ciphering (even efficiently) is only useful if these

conditions are first met

Data Encryption StandardData Encryption Standard


A comparatively older and simpler symmetric key cipher

Each stage uses a different 48-bit key derived from the main 56-bit key

Li-1 is transformed to 48 bits, bit-XOR’d with key, mapped back into 32 bits

Other CiphersOther Ciphers

Some common symmetric-key cryptographic algorithms


Public Key CryptographyPublic Key Cryptography Weak point: key distribution

– Keys have to be distributed, yet kept secret– Once a key is compromised, worse than useless

Solution: asymmetric keys– Encryption and decryption use different keys which are not

trivially related to each other– Diffie-Hellman, 1976

D ( E ( P )) = P Exceedingly difficult to deduce D from E E cannot be broken by chosen-plaintext attack

E(.) can be made public – D(.) is never distributed “public key cryptography”


RSA (RSA (RRivest, ivest, SShamir, hamir, AAdleman)dleman)1. Choose two large primes, p and q (e.g. 3 and 11)

2. Compute n = p × q and z = ( p − 1) × (q − 1)

3. Choose number relatively prime to z – call it d (7)

4. Find e such that e × d = 1 mod z (3)

E(.) : C = Pe (mod n) D(.) : P = Cd (mod n)


Tools: Digital SignaturesTools: Digital Signatures

Required Conditions:1. Receiver can verify claimed identity of sender.

2. Sender cannot later repudiate contents of message.

3. Receiver cannot have concocted message himself.


Message Digests (Cryptographic Hash)Message Digests (Cryptographic Hash)

Message Digest (e.g. MD5) propertiesl Given P, easy to compute MD(P).l Given MD(P), effectively impossible to find P.l Given P no one can find P′ such that MD(P′) =

MD(P).l Change to input of even 1 bit produces very

different output.


Message digests can form Digital signatures(However, vulnerable to birthday attack)

Management of Public KeysManagement of Public Keys

Trudy can subvert public-key encryption: need certification


Achieving Security in NetworksAchieving Security in Networks IPSec – Security in IP layer between endpoints Firewalls – policing at gateways VPNs – Multipoint-to-multipoint secure

community over insecure Internet Kerberos etc. – authentication over insecure

Internet PGP etc. – Security between application

endpoints DNSSec – Securing DNS transactions TLS / SSL – API to encapsulate process-to-

process (client-server) securityCopyright Rudra Dutta, NCSU, Fall 2011 14

IP Security IP Security Multiple services, separate

– Secrecy, Integrity, Replay protection– Based on symmetric keys– Pluggable algorithm modules

Security Association– End-to-end context, unidirectional, security identifier– Allows use of IPSec at different granularities

Transport mode– IPSec header Inserted after IP header– Integrity, authentication, replay attacks with AH– Origin (integrity, authentication), secrecy, replay with ESP

Tunnel mode– IP packet encapsulated in new IP packet, ESP– Integrity, authentication, secrecy, replay


Key ManagementKey Management Shared keys Distribution (sharing) of keys outside SA ISAKMP framework

– Manual pre-configuration– Internet Key Exchange v2 protocol– DNS as key distributor– Others …

When two IP endpoints want to setup a SA, they already have a shared key / have a way to share a key


IPsec AHIPsec AH

Transport mode only – Authentication Header– In IPv6, used as extension header

In IP header, Protocol is 51 for IPSec

Identifier

Detect replay attacks

Hashed Message Authentication CodeSignature computed using shared key


IPsec ESPIPsec ESP

Header contains security identifier and sequence number

Originally, secrecy only (not integrity) Later extended by adding authentication signature Eventually likely to phase out AH


FirewallsFirewalls

Packet filtering gateways– Can filter by ports, or any other field

DMZ or Perimeter Networks can complement Stateless, stateful, application-level gateways Should form component of overall security picture


Virtual Private NetworksVirtual Private Networks

Create virtual circuits between gateways of each physical network of an organization

– Actually, not virtual circuits but SA tunnels– Firewalls as well as gateways

Intermediate routers can transport but not compromise– May provide MPLS tunnels (with bandwidth provisions)


KerberosKerberos

“Three-headed” scheme Separate user authentication from service authorization Password not transmitted, on public workstation briefly


KS: Session key

KAB: Service session key

Ticket granting ticket

Service ticket

Pretty Good PrivacyPretty Good Privacy

RSA used to encrypt small, random words IDEA (much faster) encrypts larger message

Bob confident of P, Alice

Random input by Alice

Like DES

Only Bob can get KM


PGP MessagePGP Message


DNSDNS


DNS SpoofingDNS Spoofing


Poisoning DNSPoisoning DNS

Basically – force DNS server to query, and send false answer right behind the query

Need to first know sequence number – register bogus domain


DNSSecDNSSec DNSSec attempts to provide:

– Proof of where the data originated– Public key distribution– Transaction and request authentication

DNS replies are Resource Records– Grouped into sets – RRSets

Each DNS zone has public/private key pair– RRSet to be delivered is cryptographically hashed– Hash is signed by zone’s private key

New RR types to store key, hash, specify algorithm (and others such as validity period)

Hashing and signing is offline – at zone Signatures also protect query-response between servers


SSL / TLSSSL / TLS Encapsulate security for application programs Original SSL proposed by Netscape, later TLS standardized by

IETF– TLS is incompatible with SSL– Falls back on SSL, but not earlier than SSL 3.0

Newly generated key to sign and encrypt data for each connection


SummarySummary Cryptography and privacy/secrecy of keys used

to assure security goals Network security largely still in the stage of

shoring up known exploits Understanding of vulnerabilities are still on a

case-by-case basis “Encrypt everything” may be both overkill and

underkill Significant growth area


Information and Network Security Rudra Dutta CSC 401- Fall 2011, Section 001.

Documents

Transcript of Information and Network Security Rudra Dutta CSC 401- Fall 2011, Section 001.