Presentation is loading. Please wait.

Presentation is loading. Please wait.

Distributed Systems Security Overview Douglas C. Sicker Assistant Professor Department of Computer Science and Interdisciplinary Telecommunications Program.

Published byEleanor Vallie Modified over 10 years ago

Similar presentations

Presentation on theme: "Distributed Systems Security Overview Douglas C. Sicker Assistant Professor Department of Computer Science and Interdisciplinary Telecommunications Program."— Presentation transcript:

1 Distributed Systems Security Overview Douglas C. Sicker Assistant Professor Department of Computer Science and Interdisciplinary Telecommunications Program

2 Network Security What well cover: –What is network security? –What are the goals? –What are the threats? –What are the solutions? –How do they operate? This is a lot of info and it might take a few reads to stick.

3 Network Security Some issues with the book… Assumes malicious intent as the reason for needing security. –Is this valid? Focus on the protocols (not surprising) –However, the real problems with security are mostly outside of the technical space (see the Economist articles). –What else should we consider? For example, more depth on security models, security policy, assurance, insurance, risk assessment… –Lastly, keep in mind that even the best protocols can be misapplied.

4 Network Security What do we seek? –Confidentially –Integrity –Availability –Non-repudiation –Accounting Mnemonic CIA Lets start with some general threats –Leakage –Tampering –Vandalism

5 Network Security Attacks –Guessing passwords –Exploiting program operation –Intercepting messages –Message replay –Birthday attack –Overloading resources (DDoS) Whats the easy method of attack?

6 Network Security Secure design Its a bit of a fallacy, even formal models fail –Why? There was early work in secure OS. –What do you think derailed this work? Often the goal is to avoid disasters and minimize problems Whats the threat, whats the attack and how do we avoid it? Some things to consider –Whats it worth? –Whats it timeliness?

7 Network Security Cryptology, Cryptography, Cryptanalysis Encryption Decryption Whats a key? –Secret –Private –Public Some uses of cryptographic methods –Secrecy –Authentication –Signature

8 Network Security Some Important Notation Ka Kab Kapriv Kapub M {M}K [M]K n H Some Characters Alice and Bob Eve Mallory Sue or Sara

9 Network Security Secrecy and integrity (shared secret) AMAM AE(Kab,M) A:B{M}Kab BD(Kab,M) Problems:

10 Network Security Authentication (shared secrets) Ticket –An encrypted item generally provided by an authentication server that contains an identity and a shared key generated for that session. 1.A:S request a ticket to talk to B 2.S:A {{ticket}Kb, Kab}Ka Ticket ={Kab, Alice} 3.A:B {Ticket}Kb, Alice, R Problems?

11 Network Security Secrecy and authentication (Public Keys) 1.A obtains Kbpub 2.A:B keyname, {Kab}Kbpub 3.B decrypts with Kbpriv 4.Now A and B can use Kab This is actually a hybrid technique. (why?) Problems?

12 Network Security Digital Signature A verification that a message has not been altered. Generally, the DS is on a digest, not the whole message –A Digest is a fixed length value computed by a hash function 1.A creates a digest Digest (M) 2.A:B M, {Digest (M)}Kapriv 3.B uses Kapub to decrypt B now computes digest on M and compares

13 Network Security Certificate –A document signed by a trusted principal Certificate Chain –A hierarchy of trust Requirements of certificates –Standardized format –Agreed chain construction –Problem: revocation (somewhat solved with expiry dates)

14 Figure 7.5 Public-key certificate for Bobs Bank 1.Certificate type:Public key 2.Name:Bobs Bank 3.Public key:K Bpub 4.Certifying authority:Fred – The Bankers Federation 5.Signature: {Digest(field 2 + field 3)} K Fpriv

15 Network Security Access control –Process of deciding whether to allow a principal to carry out an operation or a certain resource. Protection Domain –Abstraction indicating the rights and resources –Really just a set of processes that share access to a resource. –Implemented by capabilities and ACL Credentials –Set of evidence provided by a principal –Delegation – giving authority to another principal

16 Network Security Cryptographic algorithms Block ciphers –message is divided into blocks, encrypted and sent –Problem: repeating patterns Cipher Block Chaining (CBC) –Combine plaintext with previous cipher text (XOR) –Problem: beginning or trailing repetition (solution?) Stream cipher –Used with realtime communication –Bit by bit encryption –Keystream generator (obscure data)

17 Figure 7.6 Cipher block chaining n n+3n+2n+1 XOR E(K, M) n-1n-2 n-3 plaintext blocks ciphertext blocks Decryption?

18 Network Security Shannon –The E –Confusion (obscure) –Diffusion (randomize) Symmetric Algorithms –TEA –DES –IDEA –AES Asymmetric Algorithms –RSA –Diffie Hellman

19 Network Security Cryptographic algorithms Secret key (Symmetric) D (K, E(K,M)) = M If you know M and {M}K, a brute force attack takes 2 n-1 (average) 2 n (maximum) Public/private key (Asymmetric) Involves a trapdoor or secret exit Generally a mathematical concept –Product of 2 large primes (easy), Factoring that product (hard) –Function of a curve

20 Figure 7.10 TEA in use void tea(char mode, FILE *infile, FILE *outfile, unsigned long k[]) { /* mode is e for encrypt, d for decrypt, k[] is the key.*/ char ch, Text[8]; int i; while(!feof(infile)) { i = fread(Text, 1, 8, infile);/* read 8 bytes from infile into Text */ if (i <= 0) break; while (i < 8) { Text[i++] = ' ';}/* pad last block with spaces */ switch (mode) { case 'e': encrypt(k, (unsigned long*) Text); break; case 'd': decrypt(k, (unsigned long*) Text); break; } fwrite(Text, 1, 8, outfile);/* write 8 bytes from Text to outfile */ }

21 Figure 7.9 TEA decryption function void decrypt(unsigned long k[], unsigned long text[]) { unsigned long y = text[0], z = text[1]; unsigned long delta = 0x9e3779b9, sum = delta << 5; int n; for (n= 0; n < 32; n++) { z -= ((y > 5) + k[3]); y -= ((z > 5) + k[1]); sum -= delta; } text[0] = y; text[1] = z; }

22 Network Security Digital Signature –Authenticate –Unforgeable –Nonrepudiation =>Bind identity to document Two mechanisms –Digital signature (Private or public) –Digital function (Secure hash)

23 Digital signatures with public keys 1.A generates Kapub and Kapriv (Makes Kapub available) 2.A computes digest M => H(M); S= {H(M)}Kapriv 3.A:B M, S 4.B decrypts S with Kapub => H(M); computes H(M) and compares

24 Low-cost signatures with a shared secret key 1.A generates K; sends it to B (securely) 2.A computes h=H(M+K) 3.A:B M,h 4.B computes H(M+K) and compares

25 Network Security Characteristics of a Secure Digest Function 1.Given M, it is easy to compute h 2.Given h, it is hard to compute M 3.Given H(M), it should be very hard to find H(M)=H(M 1 ) MD5 and SHA are examples of secure digests

26 Network Security Certificate standards and authorities X.509 –provides the standard format; binds public key to a subject based on a trusted signature –Includes a validity period Certificate Authority –Provided by a certificate authority –Verisign …

27 Network Security Pragmatics Review the book for info on performance of protocols Politics of security are quite messy –Government resistance International front Criminal front –Many issues to consider, even as a technologist –Corporate drivers versus Government (national and public safety drivers) –Corporate and government versus civil liberties

28 Figure 7.15 The Needham–Schroeder secret-key authentication protocol HeaderMessageNotes 1. A->S: A, B, N A A requests S to supply a key for communication with B. 2. S->A: {N A, B, K AB, {K AB, A} K B } K A S returns a message encrypted in As secret key, containing a newly generated key K AB and a ticket encrypted in Bs secret key. The nonce N A demonstrates that the message was sent in response to the preceding one. A believes that S sent the message because only S knows As secret key. 3. A->B: A sends the ticket to B. 4. B->A: B decrypts the ticket and uses the new key K AB to encrypt another nonce N B. 5. A->B: A demonstrates to B that it was the sender of the previous message by returning an agreed transformation of N B. {K AB, A} K B {N B } K AB {N B - 1} K AB

29 Figure 7.16 System architecture of Kerberos Server Client DoOperation Authentication database Login session setup Ticket- granting service T Kerberos Key Distribution Centre Server session setup Authen- tication service A 1. Request for TGS ticket 2. TGS ticket 3. Request for server ticket 4. Server ticket 5. Service request Request encrypted with session key Reply encrypted with session key Service function Step B Step A Step C C S

30 Network Security Kerberos -MIT extension of N&S 1.C:A C,T,n 2.A:C {Kct,n}Kc, {ticket(C,T)}Kt {ticket(C,T)}Kt = {C,T,t1,t2,Kct}Kt 3.C:T{auth(C)}Kct, {ticket(C,T)}Kt, S, n {auth(C)}Kct = {C,t}Kct 4.T:C {Kcs,n}Kct, {ticket(C,S)}Ks 5.C:S{auth(C)}Kcs, {(ticket(C,S)}Ks, request, n 6.S:C {n}Kcs, reply

Download ppt "Distributed Systems Security Overview Douglas C. Sicker Assistant Professor Department of Computer Science and Interdisciplinary Telecommunications Program."

Similar presentations

1 Key Exchange Solutions Diffie-Hellman Protocol Needham Schroeder Protocol X.509 Certification.

1 Key Exchange Solutions Diffie-Hellman Protocol Needham Schroeder Protocol X.509 Certification.
AUTHENTICATION AND KEY DISTRIBUTION

AUTHENTICATION AND KEY DISTRIBUTION
Chapter 14 – Authentication Applications

Chapter 14 – Authentication Applications
Authentication Applications. will consider authentication functions will consider authentication functions developed to support application-level authentication.

Authentication Applications. will consider authentication functions will consider authentication functions developed to support application-level authentication.
Key distribution and certification In the case of public key encryption model the authenticity of the public key of each partner in the communication must.

Key distribution and certification In the case of public key encryption model the authenticity of the public key of each partner in the communication must.
PIS: Unit III Digital Signature & Authentication Sanjay Rawat PIS Unit 3 Digital Sign Auth Sanjay Rawat1 Based on the slides of Lawrie.

PIS: Unit III Digital Signature & Authentication Sanjay Rawat PIS Unit 3 Digital Sign Auth Sanjay Rawat1 Based on the slides of Lawrie.
MAC Raushan. DES simple fiestel network 3131 PlainText Blocks 2*4=8bits 31 f f =0011 xor 0011=0000 = 0 f(r,k)=(2*r+k^2)%8 f(1,5)=(2*1+5^2)%8=3 xor 3 3.

MAC Raushan. DES simple fiestel network 3131 PlainText Blocks 2*4=8bits 31 f f =0011 xor 0011=0000 = 0 f(r,k)=(2*r+k^2)%8 f(1,5)=(2*1+5^2)%8=3 xor 3 3.
Last Class: The Problem BobAlice Eve Private Message Eavesdropping.

Last Class: The Problem BobAlice Eve Private Message Eavesdropping.
CIS 725 Key Exchange Protocols. Alice ( PB Bob (M, PR Alice (hash(M))) PB Alice Confidentiality, Integrity and Authenication PR Bob M, hash(M) M, PR Alice.

CIS 725 Key Exchange Protocols. Alice ( PB Bob (M, PR Alice (hash(M))) PB Alice Confidentiality, Integrity and Authenication PR Bob M, hash(M) M, PR Alice.
Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
1 Network Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

1 Network Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
CSE 486/586, Spring 2014 CSE 486/586 Distributed Systems Security --- 2 Steve Ko Computer Sciences and Engineering University at Buffalo.

CSE 486/586, Spring 2014 CSE 486/586 Distributed Systems Security Steve Ko Computer Sciences and Engineering University at Buffalo.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
Chapter 14 From Cryptography and Network Security Fourth Edition written by William Stallings, and Lecture slides by Lawrie Brown, the Australian Defence.

Chapter 14 From Cryptography and Network Security Fourth Edition written by William Stallings, and Lecture slides by Lawrie Brown, the Australian Defence.
CS 425 / ECE 428 Distributed Systems Fall 2014 Indranil Gupta (Indy) Lecture 24B: Security All slides © IG.

CS 425 / ECE 428 Distributed Systems Fall 2014 Indranil Gupta (Indy) Lecture 24B: Security All slides © IG.
1 Authentication Applications Digital Signatures Security Concerns X.509 Authentication Service Kerberos Based on slides by Dr. Lawrie Brown of the Australian.

1 Authentication Applications Digital Signatures Security Concerns X.509 Authentication Service Kerberos Based on slides by Dr. Lawrie Brown of the Australian.
Lecture III : Communication Security, Services & Mechanisms Internet Security: Principles & Practices John K. Zao, PhD SMIEEE National Chiao-Tung University.

Lecture III : Communication Security, Services & Mechanisms Internet Security: Principles & Practices John K. Zao, PhD SMIEEE National Chiao-Tung University.
Lesson Title: Introduction to Cryptography Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas

Lesson Title: Introduction to Cryptography Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas
Chapter 5 Cryptography Protecting principals communication in systems.

Chapter 5 Cryptography Protecting principals communication in systems.
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.

BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.

Similar presentations

Ads by Google