Csc4430_network Security

Lecture 23 (Network Security) Outline

• Network Security
  - Basic requirements.
  - Meeting these requirements: privacy, digital signature.
• Specific security standards in practice:
  - Privacy standards: DES, RSA.
  - Standard at application layer: PGP.
  - Standard at transport layer: SSL.

CSC4430 – Data Communication and Computer Networks

1

23.1. Internet Security Threats

[Figure: Alice (secure sender) and Bob (secure receiver) exchange data and control messages over a channel; Trudy sits on the channel between them.]

• Friends: Bob and Alice want to communicate “securely”.
• Enemies: Trudy, the “intruder”, may intercept, add, delete or modify messages.

23.1. Internet Security Threats

Q: What can a “bad guy” do? A: a lot!
• Eavesdrop: intercept messages.
• Actively insert messages into a connection.
• Impersonation: fake (spoof) the source address in a packet (or any other field in the packet).
• Denial of service: prevent a service from being used by others (e.g., by overloading its resources).
• Hijacking: “take over” an ongoing connection by removing the sender or receiver and inserting himself in their place.

23.1. Internet Security Threats

• Eavesdropping = packet sniffing:
  - Common on broadcast media.
  - A NIC/adapter in promiscuous mode can read unencrypted data from all packets passing by.
  - E.g. C sniffs B’s packets containing a password.

23.1. Internet Security Threats

• Impersonation = IP spoofing:
  - An intruder can generate “raw” IP packets directly from an application and put any value into the IP source address field.
  - The receiver cannot tell whether the source is spoofed.
  - E.g. C pretends to be B.

[Figure: C sends A a packet with src:B, dest:A and a payload; B is the impersonated host.]

23.1. Internet Security Threats

• Denial of service (DOS) attack:
  - An intruder generates a flood of malicious packets to “swamp” the receiver.
  - Distributed DOS (DDOS): multiple coordinated sources swamp a receiver.
  - E.g. C and a remote host SYN-attack A.

[Figure: C and B each send a stream of SYN packets to A.]
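A small detector for the SYN-flood scenario on this slide, added here as an example (it is not part of the lecture): it reads constructed packet records, finds SYNs that were never followed by the client's ACK, and reports targets with many half-open sources, labelling the case where those sources are spread across more than one network as distributed. The record format and the thresholds are assumptions of this example.

```python
from collections import defaultdict

# Constructed sample of one-line packet records (not from the lecture):
# "time src dst flags", with S = SYN and A = ACK in the flags field.
# 10.0.0.5 and 10.0.0.6 complete normal handshakes; the other sources
# send SYNs to 10.0.0.1 and never answer the SYN/ACK.
SAMPLE = """\
1 10.0.0.5 10.0.0.1 S
2 10.0.0.1 10.0.0.5 SA
3 10.0.0.5 10.0.0.1 A
4 203.0.113.7 10.0.0.1 S
5 203.0.113.8 10.0.0.1 S
6 203.0.113.9 10.0.0.1 S
7 198.51.100.2 10.0.0.1 S
8 198.51.100.3 10.0.0.1 S
9 10.0.0.6 10.0.0.2 S
10 10.0.0.2 10.0.0.6 SA
11 10.0.0.6 10.0.0.2 A
"""


def parse(records):
    """Yield (time, src, dst, flag set) for each record line."""
    for line in records.splitlines():
        t, src, dst, flags = line.split()
        yield int(t), src, dst, set(flags)


def half_open_by_target(records):
    """Return {dst: sources that sent a SYN but never completed the
    handshake with a bare ACK}."""
    syn_seen, completed = set(), set()
    for _, src, dst, flags in parse(records):
        if "S" in flags and "A" not in flags:
            syn_seen.add((src, dst))
        elif "A" in flags and "S" not in flags:
            completed.add((src, dst))
    pending = defaultdict(set)
    for src, dst in syn_seen - completed:
        pending[dst].add(src)
    return pending


def classify(records, threshold=3):
    """Label a target 'syn-flood' when at least `threshold` sources leave
    half-open connections, and 'ddos' when those sources come from more
    than one /24 network (the slide's 'multiple coordinated sources')."""
    verdicts = {}
    for dst, sources in half_open_by_target(records).items():
        if len(sources) >= threshold:
            networks = {s.rsplit(".", 1)[0] for s in sources}
            verdicts[dst] = "ddos" if len(networks) > 1 else "syn-flood"
    return verdicts
```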

23.2. Network Security Requirements

• Network security aims to provide secure communications.
• Four aspects of network security:
  - Privacy or secrecy: sender and receiver expect confidentiality. Only the sender and the intended receiver should “understand” the message contents.

23.2. Network Security Requirements

  - Authentication: sender and receiver want to confirm each other’s identity.
  - Message integrity: sender and receiver want to ensure that the message is not altered (in transit, or afterwards) without detection. E.g. it would be disastrous if a request to transfer $100 were changed into a request for $10,000 or $100,000.
  - Non-repudiation: the receiver must be able to prove that a received message came from a specific sender; the sender must not be able to deny having sent it. E.g. the bank must have proof that the customer actually requested this transaction.

23.3. Privacy

• Privacy uses cryptography:
  - The sender encrypts the message.
  - The receiver decrypts the message.

23.3.1. Traditional Cryptography

• Ciphers were already studied in ancient times.
• Caesar’s cipher:
  - replace a with d
  - replace b with e
  - ...
  - replace z with c
• Caesar’s cipher is an example of a monoalphabetic substitution cipher, which permutes the characters.
• Armed with simple statistical knowledge, one can easily break a Caesar cipher:
  - most frequent letters in English: e, t, o, a, n, i, ...
  - most frequent digrams: th, in, er, re, an, ...
  - most frequent trigrams: the, ing, and, ion, ...

23.3.1. Traditional Cryptography

• The first description of the frequency analysis attack appears in a book written in the 9th century by the Arab philosopher al-Kindi.
• Example (S. Singh, The Code Book, 1999):

PCQ VMJYPD LBYK LYSO KBXBJXWXV BXV ZCJPO EYPD KBXBJYUXJ LBJOO KCPK. CP LBO LBCMKXPV XPV IYJKL PYDBL, QBOP KBO BXV OPVOV LBO LXRO CI SX'XJMI, KBO JCKO XPV EYKKOV LBO DJCMPV ZOICJO BYS, KXUYPD: “DJOXL EYPD, ICJ X LBCMKXPV XPV CPO PYDBLK Y BXNO ZOOP JOACMPLYPD LC UCM LBO IXZROK CI FXKL XDOK XPV LBO RODOPVK CI XPAYOPL EYPDK. SXU Y SXEO KC ZCRV XK LC AJXNO X IXNCMJ CI UCMJ SXGOKLU?” OFYRCDMO, LXROK IJCS LBO LBCMKXPV XPV CPO PYDBLK

23.3.1. Traditional Cryptography

• We identify the most common characters, digrams and trigrams in the ciphertext above.
• First guess: LBO is THE.

23.3.1. Traditional Cryptography

• Assuming LBO represents THE, we replace L with T, B with H, and O with E, and get:

PCQ VMJYPD THYK TYSE KHXHJXWXV HXV ZCJPE EYPD KHXHJYUXJ THJEE KCPK. CP THE THCMKXPV XPV IYJKT PYDHT, QHEP KHE HXV EPVEV THE TXRE CI SX'XJMI, KHE JCKE XPV EYKKEV THE DJCMPV ZEICJE HYS, KXUYPD: “DJEXT EYPD, ICJ X THCMKXPV XPV CPE PYDHTK Y HXNE ZEEP JEACMPTYPD TC UCM THE IXZREK CI FXKT XDEK XPV THE REDEPVK CI XPAYEPT EYPDK. SXU Y SXEE KC ZCRV XK TC AJXNE X IXNCMJ CI UCMJ SXGEKTU?” EFYRCDME, TXREK IJCS THE THCMKXPV XPV CPE PYDHTK

23.3.1. Traditional Cryptography

• Code (cipher letter in the top row, plaintext letter below it):

  X Z A V O I D B Y G E R S P C F H J K L M N Q T U W
  A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

• Ciphertext: as on the previous slides.
• Plaintext: Now during this time Shahrazad had borne King Shahriyar three sons. On the thousand and first night, when she had ended the tale of Ma'aruf, she rose and kissed the ground before him, saying: “Great King, for a thousand and one nights I have been recounting to you the fables of past ages and the legends of ancient kings. May I make so bold as to crave a favour of your majesty?” Epilogue, Tales from the Thousand and One Nights
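The frequency analysis of these slides carried out in code, as an added example that is not part of the lecture: it counts letters, in-word n-grams and whole words in the slide's ciphertext (straight quotes are used in place of the curly ones), and then applies the recovered key table to get the plaintext back. Note that the most frequent in-word trigram turns out to be XPV (AND), so the slide's "LBO is THE" guess rests on LBO being the most frequent three-letter word.

```python
import re
from collections import Counter

# Ciphertext from the lecture's al-Kindi example (Singh, The Code Book).
CIPHERTEXT = (
    "PCQ VMJYPD LBYK LYSO KBXBJXWXV BXV ZCJPO EYPD KBXBJYUXJ LBJOO KCPK. "
    "CP LBO LBCMKXPV XPV IYJKL PYDBL, QBOP KBO BXV OPVOV LBO LXRO CI SX'XJMI, "
    "KBO JCKO XPV EYKKOV LBO DJCMPV ZOICJO BYS, KXUYPD: \"DJOXL EYPD, ICJ X "
    "LBCMKXPV XPV CPO PYDBLK Y BXNO ZOOP JOACMPLYPD LC UCM LBO IXZROK CI FXKL "
    "XDOK XPV LBO RODOPVK CI XPAYOPL EYPDK. SXU Y SXEO KC ZCRV XK LC AJXNO X "
    "IXNCMJ CI UCMJ SXGOKLU?\" OFYRCDMO, LXROK IJCS LBO LBCMKXPV XPV CPO PYDBLK"
)

# Key table from the slide: cipher letter (top row) -> plaintext letter.
CIPHER_ALPHABET = "XZAVOIDBYGERSPCFHJKLMNQTUW"
PLAIN_ALPHABET = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
DECRYPT_TABLE = str.maketrans(CIPHER_ALPHABET, PLAIN_ALPHABET)


def letter_frequencies(text):
    """(letter, count) pairs, most common first; the analyst's first statistic."""
    return Counter(c for c in text if c.isalpha()).most_common()


def ngram_frequencies(text, n):
    """Most common n-grams that occur inside words (digrams for n=2, trigrams for n=3)."""
    counts = Counter()
    for word in re.findall(r"[A-Z]+", text):
        counts.update(word[i:i + n] for i in range(len(word) - n + 1))
    return counts.most_common()


def most_common_word(text, length):
    """Most frequent whole word of the given length (the statistic behind 'LBO is THE')."""
    words = [w for w in re.findall(r"[A-Z]+", text) if len(w) == length]
    return Counter(words).most_common(1)[0][0]


def decrypt(text, table=DECRYPT_TABLE):
    """Apply the recovered substitution; non-letters pass through unchanged."""
    return text.translate(table)
```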

23.3.2. Modern Cryptography

• Two categories of modern cryptography:
  - Secret key or symmetric key crypto: sender and receiver use the same key. The decryption algorithm is the inverse of the encryption algorithm.

23.3.2. Modern Cryptography

• Secret key or symmetric key crypto (continued):
  - Commonly used to encrypt and decrypt long messages.
  - Advantage: efficient; it takes less time to encrypt a message than with public key crypto, due to the smaller key.
  - Disadvantages: each pair of users must have a secret key, so for N users to communicate we need N(N-1)/2 keys; it is difficult to distribute the key between two parties.
  - Most common method: DES (Data Encryption Standard).

23.3.2. Modern Cryptography

• Public-key crypto: sender and receiver use different keys. Each user has two keys:
  - A private key, kept by the user.
  - A public key, announced to the public.

23.3.2. Modern Cryptography

• Public-key crypto (continued). Example:
  - All customers use the public key of the bank to encrypt the message.
  - The bank uses its private key to decrypt the message.

23.3.2. Modern Cryptography

• Public-key crypto (continued):
  - More efficient for short messages.
  - Advantages: removes the problem of sharing the keys; the number of keys needed is reduced tremendously.
  - Disadvantage: complexity of the algorithm.
  - Most common method: RSA (Rivest, Shamir, Adleman).

23.3.2. Modern Cryptography

• Privacy using the combination:
  - Combine the advantage of the secret key method (efficiency) with the advantage of the public key method (easy distribution of keys).

23.3.2. Modern Cryptography

• Privacy using the combination (continued):
  - The public key is used to encrypt the secret key.
  - The secret key is used to encrypt the message.
  - Procedure:
    1. The sender chooses a secret key, called the one-session key.
    2. The sender uses the public key of the receiver to encrypt the secret key and sends the encrypted secret key to the receiver.
    3. The receiver uses its private key to decrypt the secret key.
    4. The sender uses the secret key to encrypt the actual message.

23.4. Digital Signature

• Electronic equivalent of a written signature.
• Two choices:
  - Signing the entire document.
  - Signing the digest (condensed version) of the document.

23.4.1. Signing the Whole Document

• Can use public key encryption, but with the roles of the keys reversed:
  - The sender uses her private key to encrypt (sign).
  - The receiver uses the public key of the sender to decrypt the message.

23.4.2. Signing the Digest

• Also uses public key encryption, but on the digest (shorter version) of the document.
• A hash function is used to create the digest.

23.4.2. Signing the Digest

• Properties of a hash function:
  - Hashing is one-way: it can only create the digest from the message, not vice versa.
  - Produces a fixed-size digest.
  - Hashing is a one-to-one function: there is little probability that two messages will create the same digest. Any small change in the document (even a space) will give a different hashed value.
• Two most common hash functions:
  - MD5 (Message Digest 5): produces a 120-bit digest.
  - SHA-1 (Secure Hash Algorithm 1): produces a 160-bit digest. SHA-1 is a US standard.

23.4.2. Signing the Digest

• Sender site:
  1. Create the digest.
  2. Sign the digest using the private key.
  3. Send the signed digest together with the original message.

23.4.2. Signing the Digest

• Receiver site:
  1. Decrypt the digest.
  2. Compare the digest with its own digest of the received message.

23.4. Digital Signature

• Both choices use public key encryption. A digital signature provides:
  - Integrity: if an intruder intercepts the message and partially changes it, the decrypted message will be unreadable.
  - Authentication: if C pretends to be B (the sender), then C will use her private key to encrypt. If the receiver uses the public key of B to decrypt the message, it will be unreadable.
  - Non-repudiation: if the receiver can decrypt the message using B’s public key, then B must be the sender.
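The sender-site and receiver-site steps of signing a digest, with the integrity and authentication checks of this slide, as an added example that is not part of the lecture. Bob's key numbers are the lecture's RSA example (Kp = 5, Ks = 77, N = 119); Trudy's pair (N = 55) and the sample message are constructed here, and because the toy modulus is tiny each hex nibble of the SHA-1 digest is signed as its own RSA block.

```python
import hashlib

# Toy RSA keys: Bob's are the lecture's numbers (Kp=5, Ks=77, N=119);
# Trudy's pair (3, 27, N=55) is constructed here for the impersonation case.
BOB_PUBLIC, BOB_PRIVATE, BOB_N = 5, 77, 119
TRUDY_PRIVATE, TRUDY_N = 27, 55


def digest(message):
    """One-way, fixed-size digest of the message (SHA-1, as on the slide)."""
    return hashlib.sha1(message.encode()).hexdigest()


def sign_digest(hex_digest, private_key, n):
    """Sender site: 'encrypt' the digest with the private key.
    The toy modulus is far smaller than the 160-bit digest, so each hex
    nibble (0..15 < N) is signed as its own RSA block; a real scheme signs
    the padded digest as one large integer."""
    return [pow(int(h, 16), private_key, n) for h in hex_digest]


def verify(message, signature, public_key, n):
    """Receiver site: 'decrypt' the signature with the claimed sender's
    public key and compare it with a fresh digest of the received message."""
    recovered = [pow(s, public_key, n) for s in signature]
    return recovered == [int(h, 16) for h in digest(message)]


def demo():
    msg = "Transfer $100 to account 42"  # constructed sample message
    sig = sign_digest(digest(msg), BOB_PRIVATE, BOB_N)
    forged = sign_digest(digest(msg), TRUDY_PRIVATE, TRUDY_N)
    return {
        # genuine message and signature from Bob
        "genuine": verify(msg, sig, BOB_PUBLIC, BOB_N),
        # integrity: a changed amount gives a different digest
        "tampered": verify("Transfer $100,000 to account 42", sig, BOB_PUBLIC, BOB_N),
        # authentication: Trudy signed with her own private key, but the
        # receiver checks against Bob's public key
        "impersonated": verify(msg, forged, BOB_PUBLIC, BOB_N),
    }
```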

23.4. Digital Signature

• Non-repudiation relies on ensuring that the public key actually belongs to B (the right sender).
• Thus, we need a Certification Authority (CA).

23.4. Digital Signature

• Certification authority (CA): binds a public key to a particular entity, E.
• E (person, router) registers its public key with the CA:
  - E provides “proof of identity” to the CA.
  - The CA creates a certificate binding E to its public key.
  - The certificate is digitally signed by the CA; the CA says “this is E’s public key”.

[Figure: Bob’s public key K_B^+ and Bob’s identifying information go through a digital signature (encrypt) operation under the CA’s private key K_CA^-, producing the certificate for Bob’s public key, signed by the CA.]

23.4. Digital Signature

• A certificate contains:
  - Serial number (unique to the issuer).
  - Info about the certificate owner, including the algorithm and the key value itself (not shown).
  - Info about the certificate issuer.
  - Valid dates.
  - Digital signature by the issuer.

23.4. Digital Signature

• When Alice wants Bob’s public key:
  - She gets Bob’s certificate (from Bob or elsewhere).
  - She applies the CA’s public key to Bob’s certificate and gets Bob’s public key.

[Figure: the certificate for K_B^+ goes through a digital signature (decrypt) operation under the CA’s public key K_CA^+, yielding Bob’s public key K_B^+.]

23.5. DES

• DES (Data Encryption Standard):
  - Originally developed at IBM, now an ANSI standard.
  - Encrypts 64-bit plaintext using a 56-bit symmetric key.
  - How secure is DES? Using brute force, it requires 4 months to decrypt a phrase encrypted with a 56-bit key. No known “backdoor” decryption approach.
• Triple DES:
  - Improves security by using DES three times with different keys.

23.5. DES

• DES uses a bit-level encryption technique:
  - Divide the data (text, graphics, audio or video) into blocks of bits.
  - Alter the bits using permutation, exclusive OR, rotation, etc.
• Permutation:
  - Changing the position of the bits.

23.5. DES

• Exclusive OR: [figure]
• Rotation: [figure]

23.5. DES

• Schematic diagram of DES: [figure]
  - The first step and the last two steps are relatively simple.
  - Steps 2-17 use the same procedure but a different key, derived from the original key.

23.5. DES

• DES subkey generation: [figure]
• One of the 16 complex steps: [figure]

23.6. RSA

• RSA (Rivest, Shamir, Adleman):
  - Is an algorithm for public-key encryption.
  - In this method: the sender uses the public key of the receiver, Kp; the receiver uses its secret (private) key, Ks; both use a number N.
  - It is reciprocal, i.e. Kp(Ks(P)) = P or Ks(Kp(P)) = P.

23.6. RSA

• Encryption algorithm:
  1. Encode the data as a number to create the plaintext P.
  2. Calculate the ciphertext C as C = P^Kp modulo N.
  3. Send C as the ciphertext.
• Decryption algorithm:
  1. Receive C, the ciphertext.
  2. Calculate the plaintext P = C^Ks modulo N.
  3. Decode P to the original data.

23.6. RSA

• Example: Kp = 5, Ks = 77, N = 119. [figure]

23.6. RSA

• Choosing Kp, Ks and N:
  1. Pick a pair of prime numbers p and q.
  2. Calculate N = p × q.
  3. Calculate m = (p-1) × (q-1).
  4. Select Kp that is not a factor of m.
  5. Select Ks such that (Kp × Ks) mod m = 1.
• Example:
  1. p = 7, q = 17
  2. N = 7 × 17 = 119
  3. m = (7-1) × (17-1) = 96
  4. Kp = 5
  5. Ks = 77
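The five key-selection steps above, the encryption and decryption formulas, and the session-key procedure of section 23.3.2 worked in one added example that is not part of the lecture. It reproduces the slide's numbers (p = 7, q = 17 gives N = 119, m = 96, Kp = 5, Ks = 77), checks step 4 in its precise form gcd(Kp, m) = 1 (which is what makes Ks exist), and wraps a one-session key with RSA; the symmetric cipher is a labelled keystream stand-in for DES, not DES itself.

```python
import hashlib
import secrets
from math import gcd


def rsa_keygen(p, q, kp):
    """Steps 1-5 of the slide; returns (Kp, Ks, N). The slide's 'Kp not a
    factor of m' is checked as gcd(Kp, m) == 1, the condition under which
    the inverse Ks with (Kp x Ks) mod m == 1 exists."""
    n = p * q                       # step 2
    m = (p - 1) * (q - 1)           # step 3
    if gcd(kp, m) != 1:             # step 4
        raise ValueError("Kp must be coprime to m")
    ks = pow(kp, -1, m)             # step 5: modular inverse (Python 3.8+)
    return kp, ks, n


def rsa_apply(value, key, n):
    """C = P^Kp mod N or P = C^Ks mod N for a number 0 <= value < N. The same
    operation serves both directions, which is why Kp(Ks(P)) = Ks(Kp(P)) = P."""
    if not 0 <= value < n:
        raise ValueError("value must be smaller than N")
    return pow(value, key, n)


def keystream_xor(key, data):
    """Stand-in for the symmetric cipher (the slides use DES): a SHA-256
    keystream seeded by the session key, XORed with the data. It only
    illustrates the procedure and is not a secure cipher."""
    out = bytearray()
    for i, b in enumerate(data):
        block = hashlib.sha256(f"{key}:{i // 32}".encode()).digest()
        out.append(b ^ block[i % 32])
    return bytes(out)


def hybrid_send(message, receiver_public, n):
    """Sender: choose a one-session key, encrypt it with the receiver's
    public key, and encrypt the message with the session key."""
    session_key = secrets.randbelow(n - 2) + 2      # toy: must be < N
    wrapped_key = rsa_apply(session_key, receiver_public, n)
    return wrapped_key, keystream_xor(session_key, message)


def hybrid_receive(wrapped_key, ciphertext, receiver_private, n):
    """Receiver: recover the session key with the private key, then decrypt."""
    session_key = rsa_apply(wrapped_key, receiver_private, n)
    return keystream_xor(session_key, ciphertext)
```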

23.6. RSA

• Security of RSA:
  - The complexity lies in the process of finding the prime numbers (p and q) for a given N.
  - It would take more than 70 years to find the numbers for a 100-bit N.
  - RSA Laboratories recommends N = 1024 bits.

23.7. PGP

• PGP (Pretty Good Privacy):
  - Is an example of a good secure system, as it provides all four aspects of security.
  - Is the de-facto standard for Internet e-mail encryption.
  - Uses:
    - Digital signature: provides integrity, authentication and non-repudiation.
    - Combination of secret key and public key encryption: provides privacy.

23.7. PGP

• PGP at the sender site: [figure]

23.7. PGP

• PGP at the receiver site: [figure]

23.8. SSL

• SSL (Secure Socket Layer):
  - Works at the transport layer.
  - Provides all four aspects of security to any TCP-based application using SSL services.
  - Example: secure HTTP, used between WWW browsers and web servers.

[Figure: protocol stack on client and server: HTTP, telnet over SSL over TCP/IP.]

23.8. SSL

• Transaction using normal HTTP: the plaintext can be seen with a packet sniffer.
• Transaction using secure HTTP: only the ciphertext is seen.

23.9. Summary

• Network security:
  - Four aspects of network security.
  - Privacy: achieved using cryptography (Section 27.2).
  - Integrity, authentication and non-repudiation: achieved using digital signature (Section 27.3).
• Specific security standards in practice:
  - Privacy standards: DES, RSA (Section 23.2).
  - Application layer: PGP (Section 27.4).
  - Transport layer: SSL.
