Download presentation

Presentation is loading. Please wait.

1
**CSC 774 Advanced Network Security**

Topic 2.2 Hash-Based Primitives CSC 774 Dr. Peng Ning

2
**Outline Absolute basics Primitives based on hash functions**

Encryption/Decryption; Digital signatures; D-H key exchange; Hash functions; Pseudo random functions; traditional key distribution techniques Primitives based on hash functions One-way hash chain, Merkle hash tree, client puzzles, Bloom filters Secret sharing ID-based cryptography Secret handshake Rabin’s fingerprinting and information dispersal algorithms CSC 774 Dr. Peng Ning

3
**Ki=F(Ki+1), F: hash function**

One-Way Hash Chain Used for many network security applications Example: S/Key Good for authentication of the hash values commitment Ki=F(Ki+1), F: hash function K4 F K3 K2 K1 K0 Kn= R CSC 774 Dr. Peng Ning

4
**Merkle Hash Tree A binary tree over data values**

For authentication purpose The root is the commitment of the Merkle tree Known to the verifier. Example To authenticate k2, send (m2, m3,m01,m47) Verify m07= h(h(m01||h(f(k2)||m3)||m47) CSC 774 Dr. Peng Ning

5
Bloom Filters It’s used to verify that some data is not in the database (mismatch) List of bad credit card numbers Useful when the data consumes a very small portion of search space A bloom filter is a bit string n hash functions that map the data into n bits in the bloom filter CSC 774 Dr. Peng Ning

6
**A Simple Example Check for 22: Check for 51**

Use a bloom filter of 16 bits h1(key) = key mod 16 h2(key) = key mod Insert numbers 27, 18, 29 and 28 1 1 1 1 1 1 1 Check for 22: H1(22) = 6, h2(22) = 10 (not in filter) Check for 51 H1(51) = 3, h2(51) = 11 (false positive) CSC 774 Dr. Peng Ning

7
**Probability of False Positives**

Consider a m-bit Bloom filter with k hash functions Exercise CSC 774 Dr. Peng Ning

8
**Client Puzzles Juels and Brainard client puzzle construction**

Use pre-image of crypto hash functions See T02.2.x-ClientPuzzles.ppt Aura, Nikander, and Leiwo client puzzle construction Use special image of crypto hash functions CSC 774 Dr. Peng Ning

9
**New Client Puzzle Outsourcing Techniques for DoS Resistance**

Brent Waters, Ari Juels, J. Alex Halderman and Edward W. Felten CSC 774 Dr. Peng Ning

10
Motivation Client puzzle mechanism can become the target of DoS attacks Servers have to validate solutions which require resources Puzzles must be solved online User time is more important than CPU time CSC 774 Dr. Peng Ning

11
**Properties of the Proposed Solution**

The creation of puzzles is outsourced to a secure entity, the bastion Creates puzzle with no regard to which server is going to use them Verifying puzzle solutions is a table lookup Clients can solve puzzles offline ahead of time A puzzle solution gives access to a virtual channel for a short time period CSC 774 Dr. Peng Ning

12
**Puzzle Properties Unique puzzle solutions**

Each puzzle has a unique solution Per-channel puzzle distribution Puzzles are unique per each (server, channel, time period) triplet Per-channel puzzle solution If a client has a solution for one channel, he can calculate a solution for another server with the same channel easily CSC 774 Dr. Peng Ning

13
**G: A group of prime numbers with generator g. Pick rc,t Zq **

ac,t [rc,t, (rc,t + l) mod q] Let gc,t = gf’(a) , puzzle c,t = (gc,t, rc,t) Bastion c,t for all channels c,t Pub: Y1 Server Virtual Channels Priv: X1 Enumerate l values to solve ac,t Take the easy way Solution is c,t = Y1f’(a) c,t = gc,tX1 CSC 774 Dr. Peng Ning

14
**Pub: Y1 Server 1 Pub: Y2 Priv: X1 Pub: Y3 c,t = gc,tX1 Server 2**

Virtual Channels Pub: Y3 c,t = gc,tX1 Server 2 Server 1: c,t = Y1f’(a) Priv: X2 Virtual Channels Server 2: c,t = Y2f’(a) c,t = gc,tX2 Server 3: c,t = Y3f’(a) Server 3 Priv: X3 Virtual Channels c,t = gc,tX3 CSC 774 Dr. Peng Ning

15
System Description Solutions for puzzles are only valid for the time period t. (Order of minutes) Client: During Ti, download puzzles for Ti+1 and solve Check to see if server has a public key If so append puzzle solutions to messages Server: During Ti, download and solve all puzzles for Ti+1 If server is under attack only accept requests that have valid tokens Checking puzzle solution is a simple table lookup CSC 774 Dr. Peng Ning

16
**Communication Client uses option field in TCP SYN to relay the token**

Only the first 48 bits of the solution is used The server determines the virtual channel Server limits new connection per channel Public key: Y Puzzle index: c Token: c,t Token: c,t+1 Virtual Channels c CSC 774 Dr. Peng Ning

17
**Resilience Against Attacks**

2.1 GHz Pentium can process 1024-bit DH key in 3.7ms. With 5% recourse it can populate tokens for 16,000 virtual channels. If s=2, every client can solve at least one puzzle and half of them can solve at least two If attacker has 50 zombie machines, it can create 2*50*2 = 200 puzzle solutions occupying 1.25% of the channels Probability of a benign user not getting a normal channel <.625% CSC 774 Dr. Peng Ning

18
**Experiment Puzzle checking (table lookup) is implemented at kernel lvl**

After the routing and before the packet reaches higher level protocols like TCP Simulate conventional puzzles by replacing the lookup code with a SHA-1 hash computation Simulate syncookies by allowing Linux to send an ACK packet back CSC 774 Dr. Peng Ning

19
CSC 774 Dr. Peng Ning

Similar presentations

OK

Tonga Institute of Higher Education Design and Analysis of Algorithms IT 254 Lecture 9: Cryptography.

Tonga Institute of Higher Education Design and Analysis of Algorithms IT 254 Lecture 9: Cryptography.

© 2018 SlidePlayer.com Inc.

All rights reserved.

Ads by Google

Ppt on wireless network architecture Air pressure for kids ppt on batteries Convert pdf to ppt online free download Jit ppt on manufacturing company Ppt online downloader youtube Ppt on types of angles formed when two parallel lines are intersected by a transversal Ppt on ready to serve beverages and more Ppt on solar refrigeration and air conditioning Ppt on the portrait of a lady Ppt on cartesian product in database