Presentation is loading. Please wait.

Presentation is loading. Please wait.

CSE331: Introduction to Networks and Security Lecture 22 Fall 2002.

Published byRayna Hagg Modified over 9 years ago

Similar presentations

Presentation on theme: "CSE331: Introduction to Networks and Security Lecture 22 Fall 2002."— Presentation transcript:

1 CSE331: Introduction to Networks and Security Lecture 22 Fall 2002

2 CSE331 Fall 20022 Announcements Project 3 is available on the web –Get started early! –It’s due 18 Nov. Class is cancelled next Wednesday (Nov. 6 th ) TA will cover projects 3&4 in class Friday, Nov. 8 Professor Gunter will be giving lectures on Nov. 11 th and 13 th

3 CSE331 Fall 20023 Project 3 Distributed Bank Simulation –Java Network Programming –Cryptix Libraries for cryptographic protocols Requirements –Authentication Protocol –Transaction Protocol –Audit Logs Lab support on its way… Bank Server ATM Client ATM Client

4 CSE331 Fall 20024 Recap Cryptographic Hashes Digital Signatures Today: –Protocols –Authentication

5 CSE331 Fall 20025 Protocols: Where We’re Going Overview Entity Authentication Key Establishment SSL Kerberos

6 CSE331 Fall 20026 General Definition of “Protocol” A protocol is a multi-party algorithm –A sequence of steps that precisely specify the actions required of the parties in order to achieve a specified objective. Important that there are multiple participants Typically a situation of heterogeneous trust –Alice may not trust Bart –Bart may not trust the network

7 CSE331 Fall 20027 Characteristics of Protocols Every participant must know the protocol and the steps in advance. Every participant must agree to follow the protocol Big problem: How to deal with bad participants? –3 basic kinds of protocols

8 CSE331 Fall 20028 Arbitrated Protocols Tom is an arbiter –Disinterested in the outcome (doesn’t play favorites) –Trusted by the participants –Trusted 3 rd party Alice Bart Tom

9 CSE331 Fall 20029 Arbitrated Protocols (Continued) Real-world examples: –Lawyers, Bankers, Notary Public Issues: –Finding a trusted 3 rd party –Additional resources needed for the arbitrator –Delay (introduced by arbitration) –Arbitrator might become a bottleneck –Single point of vulnerability: attack the arbitrator!

10 CSE331 Fall 200210 Adjudicated Protocols Alice and Bard record an audit log Only in exceptional circumstances to they contact a trusted 3 rd party. (3 rd party is not always needed.) Tom as the adjudicator can inspect the evidence and determine whether the protocol was carried out fairly Alice Bart Tom Evidence Bart acted fairly.

11 CSE331 Fall 200211 Self-Enforcing Protocols No trusted 3 rd party involved. Participants can determine whether other parties cheat. Protocol is constructed so that there are no possible disputes of the outcome. Alice Bart You’re cheating, Alice!

12 CSE331 Fall 200212 Examples We’ve Seen Arbitrated Protocol –Shared key digital signature algorithm –Trusted 3rd party provided authenticity Adjudicated Protocol –Public key digital signature algorithm –Trusted 3 rd party provided non-repudiation

13 CSE331 Fall 200213 Example: Shared-Key Authentication Assume Alice & Bart already share a key K AB. –The key might have been decided upon in person or obtained from a trusted 3 rd party. Alice & Bart now want to communicate over a network, but first wish to authenticate to each other Alice Bart K AB

14 CSE331 Fall 200214 Solution 1: Weak Authentication Alice sends Bart K AB. –K AB acts as a password. The secret (key) is revealed to passive observers. Only works one-way. –Alice doesn’t know she’s talking to Bart. Alice Bart K AB

15 CSE331 Fall 200215 Solution 2: Strong Authentication Protocol doesn’t reveal the secret. Challenge/Response –Bart requests proof that Alice knows the secret –Alice requires proof from Bart –R A and R B are randomly generated numbers Alice Bart K AB I’m Alice Challenge: Encrypt R B Response: K AB {R B } Challenge: Encrypt R A Response: K AB {R A }

16 CSE331 Fall 200216 (Flawed) Optimized Version Why not send more information in each message? This seems like a simple optimization. But, it’s broken… how? Alice Bart K AB Alice, R A R B, K AB {R A } K AB {R B }

17 CSE331 Fall 200217 Attack: Marvin can Masquerade as Alice Marvin pretends to take the role of Alice in two runs of the protocol. –Tricks Bart into doing Alice’s part of the challenge! –Interleaves two instances of the same protocol. Bart K AB Alice, R A R B, K AB {R A } K AB {R B } Alice, R B R’ B, K AB {R B }

18 CSE331 Fall 200218 Lessons Protocol design is tricky and subtle –“Optimizations” aren’t necessarily good Need to worry about: –Multiple instances of the same protocol running in parallel –Intruders that play by the rules, mostly General principle: –Don’t do anything more than necessary until confidence is built. –Initiator should prove identity before responder takes action (like encryption)

Download ppt "CSE331: Introduction to Networks and Security Lecture 22 Fall 2002."

Similar presentations

Security attacks. - confidentiality: only authorized parties have read access to information - integrity: only authorized parties have write access to.

Security attacks. - confidentiality: only authorized parties have read access to information - integrity: only authorized parties have write access to.
AUTHENTICATION AND KEY DISTRIBUTION

AUTHENTICATION AND KEY DISTRIBUTION
CMSC 414 Computer (and Network) Security Lecture 22 Jonathan Katz.

CMSC 414 Computer (and Network) Security Lecture 22 Jonathan Katz.
Overview Network security involves protecting a host (or a group of hosts) connected to a network Many of the same problems as with stand-alone computer.

Overview Network security involves protecting a host (or a group of hosts) connected to a network Many of the same problems as with stand-alone computer.
COS 461 Fall 1997 Todays Lecture u intro to security in networking –confidentiality –integrity –authentication –authorization u orientation for assignment.

COS 461 Fall 1997 Todays Lecture u intro to security in networking –confidentiality –integrity –authentication –authorization u orientation for assignment.
ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.

ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.
1 Security Handshake Pitfalls. 2 Authentication Handshakes Secure communication almost always includes an initial authentication handshake: –Authenticate.

1 Security Handshake Pitfalls. 2 Authentication Handshakes Secure communication almost always includes an initial authentication handshake: –Authenticate.
SSL CS772 Fall 2011. Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.

SSL CS772 Fall Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.
1 Supplement III: Security Controls What security services should network systems provide? Confidentiality Access Control Integrity Non-repudiation Authentication.

1 Supplement III: Security Controls What security services should network systems provide? Confidentiality Access Control Integrity Non-repudiation Authentication.
Lect. 18: Cryptographic Protocols. 2 1.Cryptographic Protocols 2.Special Signatures 3.Secret Sharing and Threshold Cryptography 4.Zero-knowledge Proofs.

Lect. 18: Cryptographic Protocols. 2 1.Cryptographic Protocols 2.Special Signatures 3.Secret Sharing and Threshold Cryptography 4.Zero-knowledge Proofs.
Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.

Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.
Lecture III : Communication Security, Services & Mechanisms Internet Security: Principles & Practices John K. Zao, PhD SMIEEE National Chiao-Tung University.

Lecture III : Communication Security, Services & Mechanisms Internet Security: Principles & Practices John K. Zao, PhD SMIEEE National Chiao-Tung University.
CS555Spring 2012/Topic 161 Cryptography CS 555 Topic 16: Key Management and The Need for Public Key Cryptography.

CS555Spring 2012/Topic 161 Cryptography CS 555 Topic 16: Key Management and The Need for Public Key Cryptography.
SMUCSE 5349/73491 Authentication Protocols. SMUCSE 5349/73492 The Premise How do we use perfect cryptographic mechanisms (signatures, public-key and symmetric.

SMUCSE 5349/73491 Authentication Protocols. SMUCSE 5349/73492 The Premise How do we use perfect cryptographic mechanisms (signatures, public-key and symmetric.
Modelling and Analysing of Security Protocol: Lecture 3 Protocol Goals Tom Chothia CWI.

Modelling and Analysing of Security Protocol: Lecture 3 Protocol Goals Tom Chothia CWI.
CSE331: Introduction to Networks and Security Lecture 21 Fall 2002.

CSE331: Introduction to Networks and Security Lecture 21 Fall 2002.
CMSC 414 Computer and Network Security Lecture 2 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 2 Jonathan Katz.
EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 7 Wenbing Zhao Department of Electrical and Computer Engineering.

EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 7 Wenbing Zhao Department of Electrical and Computer Engineering.
CMSC 414 Computer and Network Security Lecture 22 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 22 Jonathan Katz.
Modelling and Analysing of Security Protocol: Lecture 1 Introductions to Modelling Protocols Tom Chothia CWI.

Modelling and Analysing of Security Protocol: Lecture 1 Introductions to Modelling Protocols Tom Chothia CWI.

Similar presentations

Ads by Google