Download presentation

Presentation is loading. Please wait.

Published byGavin Jennings Modified about 1 year ago

1
Communications Research Group Network Security Volkan Cambazoglu Adapted from: Computer Networking, Kurose/Ross and lecture notes, Rohner

2
Outlook Secure channel Principles of cryptography Authentication, Integrity Security at different layers Firewalls and Intrusion Detection Adapted from: Computer Networking, Kurose/Ross and lecture notes, Rohner

3
Communication Channels Assume always that a communication channel is insecure! Source: Kurose Ross Adapted from: Computer Networking, Kurose/Ross and lecture notes, Rohner

4
Examples of Alice and Bob E-commerce applications Amazon, Spotify, etc. Online banking applications Swedbank, Nordea, etc. Online chat applications Skype, Google chat, etc. DNS servers Exchange messages about where a website is located Routers Exchange messages about routing tables (Routing Information Protocol) Adapted from: Computer Networking, Kurose/Ross and lecture notes, Rohner

5
What can Trudy do? Eavesdrop Sniff and record traffic between users (e.g. Alice and Bob) Insertion Insert messages as if it comes from a specific user (Alice/Bob) Modification Alter messages going from a user (Alice) to the other one (Bob) Deletion Delete messages going from a user (Alice) to the other one (Bob) Denial of service Prevent users (Alice) from reaching an existing service (provided by Bob) Adapted from: Computer Networking, Kurose/Ross and lecture notes, Rohner

6
Properties of Secure Communication Confidentiality Only the receiver should understand the message content Authentication Receiver should be able to confirm sender’s identity Integrity Receiver should be able to check that the message is not altered Availability Receiver should be able to access services provided by the sender Adapted from: Computer Networking, Kurose/Ross and lecture notes, Rohner

7
Outlook Secure channel Principles of cryptography Authentication, Integrity Security at different layers Firewalls and Intrusion Detection Adapted from: Computer Networking, Kurose/Ross and lecture notes, Rohner

8
Information Security Conceptually, the way information is recorded has not changed dramatically over time. What has changed dramatically is the ability to copy and alter information. technological advancements change from physical to digital Cryptography is the study of mathematical techniques related to aspects of information security such as confidentiality entity authentication data integrity data origin authentication Adapted from: Computer Networking, Kurose/Ross and lecture notes, Rohner

9
The Basic Idea Mathematical functions f(x) that are efficient to compute. No efficient algorithm is known for the inverse function. such as Discrete Logarithm Factorizing large numbers f(x): efficient f (x): hard xf(x) Adapted from: Computer Networking, Kurose/Ross and lecture notes, Rohner

10
Kerkhoff’s Principle An enemy knows the whole system including all transformations, but not the secret key(s). Adapted from: Computer Networking, Kurose/Ross and lecture notes, Rohner

11
Principles of Cryptography Plaintext or cleartext has some meaning Ciphertext unintelligible content Encryption algorithm encrypt (plaintext) = ciphertext Decryption algorithm decrypt (ciphertext) = plaintext Adapted from: Computer Networking, Kurose/Ross and lecture notes, Rohner

12
Encryption/Decryption non-keyed no secret parameters one-way functions e.g. MD5 secret key two or more entities share some common secret values encrypt and decrypt with the same secret e.g. Caesar cipher, AES public key no shared secret keys one secret for encryption and another secret for decryption e.g. RSA Adapted from: Computer Networking, Kurose/Ross and lecture notes, Rohner

13
Symmetric Key Cryptographyff mmc = f(m,k) kk ciphertextplaintext Adapted from: Computer Networking, Kurose/Ross and lecture notes, Rohner

14
Gaius Julius Cæsar Shared secret encryption/decryption Secret is a number to shift the alphabet abcdefghijklmnopqrstuvwxyz k = 3 defghijklmnopqrstuvwxyzabc Adapted from: Computer Networking, Kurose/Ross and lecture notes, Rohner

15
There will be a secret meeting in one of the Swedish cities. We obtained the ciphertext for it! Which city is it? toorzkz Gaius Julius Cæsar abcdefghijklmnopqrstuvwxyz uppsala Adapted from: Computer Networking, Kurose/Ross and lecture notes, Rohner

16
Attacks on Symmetric Key Cryptography ciphertext-only: - statistical analysis (e,t most frequent) - typical words (the, in, it,...ing, etc.) known-plaintext Uppsala, Alice, Bob, etc. chosen-plaintext “the quick brown fox jumps over the lazy dog” Adapted from: Computer Networking, Kurose/Ross and lecture notes, Rohner

17
Improving Symmetric Key Cryptography Monoalphabetic cipher Caesar cipher Polyalphabetic cipher e.g. combine two Caesar ciphers for one word Block cipher e.g. 3-bit block cipher (000:110, 001: 101, 010: 000,...) DES: 64 bit input, 16 rounds of 48 bit key from 56 bit key, final permutation 64 bit output AES: 128 bit blocks, accepts different key lengths (128, 192, 256) brute force decryption (try each key) taking 1 sec on DES, takes 149 trillion years for AES Adapted from: Computer Networking, Kurose/Ross and lecture notes, Rohner

18
Public Key Cryptography How can Alice and Bob start secure communication, if they cannot come together in the physical world? Send shared secret in plaintext? Send encrypted shared secret? Hide the secret somewhere in plaintext? Any other crazy ideas? Or shall we simply use public key cryptography? Adapted from: Computer Networking, Kurose/Ross and lecture notes, Rohner

19
Plaintext message m = K B - (K B + (m)) Public Key Cryptography Adapted from: Computer Networking, Kurose/Ross and lecture notes, Rohner encryptionalgorithmdecryptionalgorithm Plaintext message, m Ciphertext K B + (m) Public key: K B + (m) Private key: K B - (m)

20
Plaintext message m = K B - (K B + (m)) Public Key Cryptography Adapted from: Computer Networking, Kurose/Ross and lecture notes, Rohner encryptionalgorithmdecryptionalgorithm Plaintext message, m Ciphertext K B + (m) Public key: K B + (m) Private key: K B - (m) What could go wrong here? Hint 1: Who can use the public key? Hint 2: What happens when same text, algorithm and key are used?

21
Public Key Cryptography Prerequisite: Modular Arithmetic x mod n = remainder of x when divided by n facts: [(a mod n) + (b mod n)] mod n = (a+b) mod n [(a mod n) - (b mod n)] mod n = (a-b) mod n [(a mod n) * (b mod n)] mod n = (a*b) mod n thus: (a mod n) d mod n = a d mod n example: a=14, n=10, d =2 (14 mod 10) 2 mod 10 = 4 2 mod 10 = 6 14 2 mod 10 = 196 mod 10 = 6 Adapted from: Computer Networking, Kurose/Ross and lecture notes, Rohner

22
RSA: Encryption/Decryption Encryption c = m e mod n c is ciphertext m is plaintext e is encryption key (n, e) is the public key Decryption m = c d mod n = (m e mod n) d mod n = m e*d mod n d is decryption key (n, d) is the private key Do you notice something when m = m e*d mod n? Adapted from: Computer Networking, Kurose/Ross and lecture notes, Rohner

23
RSA: Creating public/private key pair Choose two large prime numbers p and q (1024 bits each) Compute (n = p * q) and (z = (p-1) * (q-1)) Choose e < n that has no common factors with z (relatively prime) e.g. (3 and 7) and (5 and 12) are relatively prime. Choose d that fulfills (e * d mod z = 1) Public key (n,e) Private key (n,d) Adapted from: Computer Networking, Kurose/Ross and lecture notes, Rohner

24
RSA Encryption Source: Kurose Ross p=5 q=7 n=35 z=24 e=5 d=29 Adapted from: Computer Networking, Kurose/Ross and lecture notes, Rohner

25
RSA Decryption Source: Kurose Ross p=5 q=7 n=35 z=24 e=5 d=29 Adapted from: Computer Networking, Kurose/Ross and lecture notes, Rohner

26
Why does RSA work? m = c d mod n m = (m e mod n) d mod n m = m e*d mod n fact: c d mod n = c (d mod z) mod n where n = p*q and z=(p-1)*(q-1) thus: m = m ((e*d) mod z) mod n m = m 1 mod n Adapted from: Computer Networking, Kurose/Ross and lecture notes, Rohner

27
Why is RSA secure? We know the public key (n,e). Can we compute d using n and e? We need to find the factors of n= p*q p and q are two very large prime numbers (at least 1024 bits) 13606481726048992848411364002694494148097538296253994533786 28482542262240342758205383100088584039554372391026814657613 88249980135083342434428721426840110617593953169835450968550 73076943041284504818565938137085710532321945352149127789477 33675392166804312875063387109652043491190305281577529925513 75455100484051 (309 digits) Factoring a big number is hard! Adapted from: Computer Networking, Kurose/Ross and lecture notes, Rohner

28
RSA in practice: Session keys Exponentiation in RSA is computationally intensive Use public key crypto to establish secure connection Establish symmetric session key for encrypting data Shared secret Adapted from: Computer Networking, Kurose/Ross and lecture notes, Rohner

29
Outlook Secure channel Principles of cryptography Authentication, Integrity Security at different layers Firewalls and Intrusion Detection Adapted from: Computer Networking, Kurose/Ross and lecture notes, Rohner

30
Message Integrity Apply hash function H to m and get fixed size message digest H(m). Good to rely on MD5 (128 bit message digest) SHA-1 (160 bit message digest) (US standard) Bad to rely on Internet checksum (16 bit digest) “IOU100.99BOB” and “IOU900.19BOB” have identical checksum (B2 C1 D2 AC) Adapted from: Computer Networking, Kurose/Ross and lecture notes, Rohner

31
Message Integrity If Alice sends (m, H(m)) to Bob, can Bob trust the message m comes from Alice? No; because Trudy can prevent Bob from receiving (m, H(m)) and instead send (m’, H(m’)). Bob will check that H(m’) is indeed digest/hash of m’. There is a solution to this problem: Message Authentication Code (e.g. HMAC) Used together with a cryptographically secure hash function such as MD5 or SHA-1 There is a shared authentication key between Alice and Bob. So, Alice will send (m, H(m+s)) instead of (m, H(m)). Adapted from: Computer Networking, Kurose/Ross and lecture notes, Rohner

32
Authentication Bob wants Alice to “prove” her identity to him Bob wants to know that if he receives a message from Alice, the message actually comes from her. Bob wants to be sure that the message was not tampered with on its way to him. Adapted from: Computer Networking, Kurose/Ross and lecture notes, Rohner

33
RSA: Another important property K B - (K B + (m)) = m = K B + (K B - (m)) private(public(m)) = m = public(private(m)) Everyone can encrypt Only one can decrypt Only one can claim it Everyone can check it Adapted from: Computer Networking, Kurose/Ross and lecture notes, Rohner

34
Digital Signatures Cryptographic technique analogous to hand- written signatures Bob (sender) digitally signs document, establishing he document owner/creator Bob signs message m by encrypting with his private key K B -, creating signed message K B - (m). Verifiable, non-forgeable: Alice (recipient) can prove to someone that Bob and no one else must have signed the document Non-repudiation: Alice can take m and signature K B - (m) to court and prove that Bob signed m Only Bob possesses K B - Adapted from: Computer Networking, Kurose/Ross and lecture notes, Rohner

35
Digital Signature Source: Kurose Ross Adapted from: Computer Networking, Kurose/Ross and lecture notes, Rohner

36
Signed Message Digests Computationally expensive to encrypt long messages with public key crypto Goal: Fixed-length Easy-to-compute Digital fingerprint Apply hash function H to m and get fixed size message digest H(m). Sign H(m) Send (m, K B - (H(m))) Adapted from: Computer Networking, Kurose/Ross and lecture notes, Rohner

37
Digital Signature Source: Kurose Ross Adapted from: Computer Networking, Kurose/Ross and lecture notes, Rohner

38
Impersonation Attack Source: Kurose Ross Adapted from: Computer Networking, Kurose/Ross and lecture notes, Rohner

39
Impersonation Attack Source: Kurose Ross Adapted from: Computer Networking, Kurose/Ross and lecture notes, Rohner

40
Replay Attack Source: Kurose Ross Adapted from: Computer Networking, Kurose/Ross and lecture notes, Rohner

41
Nonce (timeliness) Nonce: number R used only once-in-a-lifetime K A-B : Shared secret key Adapted from: Computer Networking, Kurose/Ross and lecture notes, Rohner

42
Nonce (timeliness) Source: Kurose Ross Adapted from: Computer Networking, Kurose/Ross and lecture notes, Rohner

43
(Wo)Man-in-the-Middle Attack Source: Kurose Ross Adapted from: Computer Networking, Kurose/Ross and lecture notes, Rohner

44
(Wo)Man-in-the-Middle Attack Difficult to detect Alice receives everything Bob sends Bob and Alice can meet later and still recall the last conversation Trudy receives all messages as well! Adapted from: Computer Networking, Kurose/Ross and lecture notes, Rohner

45
Public Key Certification Certification Authority (CA) binds public key to particular entity (Bob) Bob provides proof of identity to CA CA creates certificate binding Bob to his public key Certificate containing Bob’s public key digitally signed by CA - CA says “this is Bob’s public key” When Alice wants Bob’s public key gets Bob’s certificate (from Bob or elsewhere) apply CA’s public key to Bob’s certificate gets Bob’s public key Adapted from: Computer Networking, Kurose/Ross and lecture notes, Rohner

46
Outlook Secure channel Principles of cryptography Authentication, Integrity Security at different layers Firewalls and Intrusion Detection Adapted from: Computer Networking, Kurose/Ross and lecture notes, Rohner

47
Security at Different Layers Application Mail: MIME/S, PGP Transport TLS (Secure Socket Layer, SSL) Network IP Security (IPSec) Packet Filter Link Frame Filter, WPA Physical WEP Adapted from: Computer Networking, Kurose/Ross and lecture notes, Rohner

48
Outlook Secure channel Principles of cryptography Authentication, Integrity Security at different layers Firewalls and Intrusion Detection Adapted from: Computer Networking, Kurose/Ross and lecture notes, Rohner

49
Firewalls Isolates organization’s internal network from larger Internet, allowing some packets to pass, blocking others Adapted from: Computer Networking, Kurose/Ross and lecture notes, Rohner

50
Firewalls Prevent denial of service attacks SYN flooding: attacker establishes many bogus TCP connections, no resources left for real connections Prevent illegal modification/access of internal data Attacker replaces website’s homepage with something else Allow only authorized access to inside network Set of authenticated users Three types of firewalls Stateless packet filters Stateful packet filters Application gateways Adapted from: Computer Networking, Kurose/Ross and lecture notes, Rohner

51
Stateless Packet Filtering Internal network connected to Internet via router firewall Router filters packet-by-packet, decision to forward/drop packet based on Source IP address, destination IP address TCP/UDP source and destination port numbers ICMP message type TCP SYN and ACK bits Example: Block incoming and outgoing datagrams with IP protocol field 17 All incoming and outgoing UDP flows are blocked Adapted from: Computer Networking, Kurose/Ross and lecture notes, Rohner

52
Access Control ListsActionSourceAddressDestAddress Protoc ol SourcePortDestPort Flag Bit allow222.22/16 outside of 222.22/16 TCP>102380any allow outside of 222.22/16 TCP80>1023ACK denyall Adapted from: Computer Networking, Kurose/Ross and lecture notes, Rohner

53
Stateful Packet Filtering Stateless packet filtering Admits packets that makes no sense e.g. dest port=80, ACK bit set, even though no TCP connection established Stateful packet filtering tracks Status of every TCP connection Connection setup (SYN) Connection teardown (FIN) Timeout inactive connections at firewall Adapted from: Computer Networking, Kurose/Ross and lecture notes, Rohner

54
Intrusion Detection Systems Packet filtering operates on TCP/IP headers only no correlation check among sessions Intrusion Detection System Deep packet inspection: Look at packet contents for viruses, attack patterns, etc. Examine correlation among multiple packets for port scanning, network mapping, Denial of Service (DoS) attack, etc. Adapted from: Computer Networking, Kurose/Ross and lecture notes, Rohner

Similar presentations

© 2017 SlidePlayer.com Inc.

All rights reserved.

Ads by Google