Sccs 420 Ch 31 (message Security)

Contents

LECTURE 13

Network and Internet Security

• I. Security Services • II. Message Confidentiality • III. Message Integrity • IV. Message Authentication • V. Digital Signature • VI. Entity Authentication

Chapter 31 Network Security

• VII. Key Management

(Forouzan, Data Communications and Networking, 4th Edition)

2

1

I. Security Services

Figure 31.1 Security services related to the message or entity

Network security can provide five services. Four of these services are related to the message exchanged using the network. The fifth service provides entity authentication or identification. Topics discussed in this section: Message Confidentiality Message Integrity Message Authentication Message Nonrepudiation Entity Authentication

• • • • 3

Integrity: No change during transmission Authentication: Confirm author’s identity Nonrepudiation: Sender cannot deny sending a message that he did send Entity authentication: User identity is verified prior to accessing system resource 4

II. Message Confidentiality

Symmetric and Asymmetric keys • Symmetric key cryptography

The concept of how to achieve message confidentiality or privacy has not changed for thousands of years. The message must be encrypted at the sender site and decrypted at the receiver site. This can be done using either symmetric-key cryptography or asymmetric-key cryptography.

—Same key for encryption and decryption

• Asymmetric key cryptography —One key for encryption, and another key for decryption —Often called private key and public key —Computationally intensive

Topics discussed in this section: Confidentiality with Symmetric-Key Cryptography Confidentiality with Asymmetric-Key Cryptography 5

Figure 31.2 Message confidentiality using symmetric keys in two directions

6

Figure 31.3 Message confidentiality using asymmetric keys

• Two pairs of keys are needed

7

8

III. Message Integrity

Figure 31.4 Message and message digest

Encryption and decryption provide secrecy, or confidentiality, but not integrity. However, on occasion we may not even need secrecy, but instead must have integrity. For example, maintaining content of a will or financial command. Topics discussed in this section:

• Hash function creates a compressed image of the message —Hash function is one-way

Document and Fingerprint Message and Message Digest Creating and Checking the Digest Hash Function Criteria Hash Algorithms: SHA-1

To preserve the integrity of a document, both the document and the fingerprint are needed. The message digest needs to be kept secret. 9

Figure 31.5 Checking integrity

10

Figure 31.7 Message digest creation

SHA-1 (Secure Hash Algorithm 1) hash algorithms create an N-bit message digest out of a message of 512-bit blocks. SHA-1 has a message digest of 160 bits (5 words of 32 bits). 11

12

IV. Message Authentication

Figure 31.8 Processing of one block in SHA-1

A hash function per se cannot provide authentication. The digest created by a hash function can detect any modification in the message, but not authentication.

 


Topics discussed in this section: MAC (Message Authentication Code)

    

     

      

   13

Figure 31.9 MAC, created by Alice and checked by Bob

14

Figure 31.10 HMAC

• MDC (Message Digest Creation) uses a keyless hash function • MAC uses a keyed hash function — Use a symmetric key when creating the digest

• HMAC (Hashed MAC) —Applying standard keyless hash function to the concatenation of the message and a symmetric key 15

16

V. Digital Signature

Figure 31.11 Signing the message itself in digital signature

When Alice sends a message to Bob, Bob needs to check the authenticity of the sender; he needs to be sure that the message comes from Alice and not Eve. Bob can ask Alice to sign the message electronically. In other words, an electronic signature can prove the authenticity of Alice as the sender of the message. We refer to this type of signature as a digital signature.

A digital signature needs a public-key system.

• Public key is one form of asymmetric key

Topics discussed in this section:

In a cryptosystem, we use the private and public keys of the receiver; in digital signature, we use the private and public keys of the sender.

Comparison Need for Keys Process 17

18

Services of Digital Signature

Figure 31.12 Signing the digest in a digital signature

• Digital signature does not provides message confidentiality —Need to be additionally encrypted with either a secret key or public key cryptosystem

• A digital signature today provides message integrity, authentication • Digital signature also provides message nonrepudiation —Need to ensure that changes in private/public key are tracked —Trusted third party is required to keep track of changing private/public key and to handle key exchange

• Signing the entire message is inefficient • Sender can sign the message digest instead 19

20

VI. Entity Authentication

Figure 31.13 Using a trusted center for nonrepudiation

Entity authentication is a technique designed to let one party prove the identity of another party. An entity can be a person, a process, a client, or a server. The entity whose identity needs to be proved is called the claimant; the party that tries to prove the identity of the claimant is called the verifier. • Center verifies that message comes from Alice • Center saves a copy of the message along with Alice’s identity and timestamp

Topics discussed in this section: Passwords Challenge-Response

Nonrepudiation can be provided using a trusted party. 21

22

Entity Authentication

Challenge-Response

• Entity authentication occurs in real time

• Prevent interception of the password

—Message authentication does not

In challenge-response authentication, the claimant proves that she knows a secret without revealing it.

• Entity authentication occurs once per session —Message authentication occurs once per message

The challenge is a time-varying value sent by the verifier; the response is the result of a function applied on the challenge.

• Rely on one of the three witnesses —Something known: PIN, password, etc. • Fixed password is easy to eavesdrop, steal, hack into, or guess • Make more secure by storing a hashed password and concatenate random string to the password

—Something possessed: ID card, credit card, token —Something inherent: Fingerprint, signature, retina —More secure when combined together: ATM card and ATM PIN 23

• The response shows that the claimant knows the secret • Symmetric-Key Cipher —Secret = shared secret key —Function = encrypting algorithm 24

Figure 31.15 Challenge-response authentication using a timestamp

Figure 31.14 Challenge/response authentication using a nonce

• RB = Current time —Assuming that clocks are synchronized, there is no need to transmit RB

• RB = random nonce chosen by Bob • Need symmetric key at both ends 25

Figure 31.16 Challenge-response authentication using a keyed-hash function

26

Figure 31.17 Authentication, asymmetric-key

• Timestamp is sent in both clear text and keyedhash • Secret = Claimant’s private key • Verifier encrypts challenge using Claimant’s public key • Response = decrypted challenge text 27

28

VII. Key Management

Figure 31.18 Authentication, using digital signature

We never discussed how secret keys in symmetric-key cryptography and how public keys in asymmetric-key cryptography are distributed and maintained. In this section, we touch on these two issues. We first discuss the distribution of symmetric keys; we then discuss the distribution of asymmetric keys. Topics discussed in this section:

• Claimant use private key for signing instead of decryption

Symmetric-Key Distribution Public-Key Distribution 29

Symmetric Key Distribution

30

Figure 31.19 KDC

• Unique key is needed for each communicating pair — N (N-1)/2 keys are needed for N people —Cumbersome if everyone do this themselves

• Key Distribution Center (KDC) —Trusted third party —Each person only has to establish a shared secret key with the KDC —KAlice is unique to Alice —KDC inform Bob of Alice request —If Bob agrees, a session key is created between Bob and Alice 31

A session symmetric key between two parties is used only once. 32

Figure 31.30 Creating a session key between Alice and Bob using KDC

Figure 31.21 Kerberos servers • AS = Authentication Server — Authenticate using username and password — Issue session key between Alice & TGS

• TGS = Ticket-Granting Server — Issue session key between Alice & Bob

• Alice = client requesting service from server (Bob) • Steps 3 to 6 are repeated for a new server

• Alice is authenticated in the second message —Only Alice can decrypt the message 33

34

Figure 31.22 Kerberos example Figure 31.23 Announcing a public key • KA is created from Alice’s password • KS = Session key • T (Timestamp) is used to prevent replay attack • Bob confirms by adding 1 to Timestamp

In public-key cryptography, everyone has access to everyone’s public key; public keys are available to the public.

• Public key needs to be distributed to be useful • Using personal website or newspaper are not secure — Anyone can make such announcement

35

36

Figure 31.24 Trusted center

Figure 31.25 Controlled trusted center • Everyone can directly request trust center for public key

• Trust center — Require that everyone prove his/her identity before register — Credible organization

— Create load on the server and prevent offline operation

37

38

Figure 31.27 PKI hierarchy

Figure 31.26 Certification authority (CA) • CA bind public key to an entity and issue certificate — CA has well-known public key — Certificate often come in X.509 format • Contain version, serial number, algorithm, issuer, validity period, subject, subject’s public key, etc.

• Multiple KDC to distribute load

39

40