Presentation on theme: "1 Supplement III: Security Controls What security services should network systems provide? Confidentiality Access Control Integrity Non-repudiation Authentication."— Presentation transcript:
1 Supplement III: Security Controls What security services should network systems provide? Confidentiality Access Control Integrity Non-repudiation Authentication Availability
2 1. Confidentiality (against eavesdropping) Eavesdropping: packet sniffing on net, in which attackers read transmitted information, including logon information and database contents. Brute Force attack 1975 US National Bureau of Standard (NBS): Data Encryption Standard (DES) – a 56-bit key is no longer considered to be very secure.DES 2001 US National Bureau of Standard (NBS): Advanced Encryption Standard (AES) – a choice of key length of 128, 192, or 256 bits.
Single-Key (conventional) and Dual-Key (public-key) Encryption Algorithms – Single-key encryption is faster but key-distribution is difficult. – Dual-key encryption is slower but key-distribution is easy. – One common solution is to use the dual-key encryption for key-distribution and authentication while the single-key encryption is used to encrypt message.
4 What are two major cryptographic methods? Conventional encryption: Message sender and recipient share single secret key for encryption and decryption. There are three basic operations: - Substitution: replace bits with other bits. - Transposition (permutation): arrange bits in a different order - XOR: 10110010 01110110 = 11000100 Public-key encryption: Key owner generates a pair of keys. One key, called public key (e), is made available for anyone to get. Another key, called private key (d), is kept by the owner. Message encrypted with one key can be decrypted with another. The RSA algorithm is one implementation of public key cryptography.
5 How do you choose an encryption algorithm? No inherent mathematical weakness: Algorithm survived extensive public review and assume that the brute force approach is the only efficient attack. Key length: A 128-bit key makes a brute force attack impractical with current technology. Key is easy to change and to manage: Frequent key change makes encryption more secure. Cost: Many algorithms are royalty-free. Permission for export: Strong cryptography products may not have permission to export.
2. Access Control (Password, read, write, execute, and delete) How does an attacker learn your password? Try default passwords Exhaustively try all short passwords Try words in system’s online dictionary or a list of likely passwords. Collect information about user. Try user’s phone number. Try user’s license plate numbers. Use a Trojan horse. Tap the line between a remote user and the host system.
3. Integrity, Non-repudiation and Digital Signature Integrity: prevent user’s data and message from being modified. Non-repudiation: prevent either sender or receiver from denying a transmitted message. How can dual-key encryption be used to authenticate a message? Digital signature is based on public-key cryptographic algorithm. A one-way hash function takes a message and returns a small fixed-length string (hash value). The hash value is encrypted with sender’s private key that can be verified by recipient using the sender’s public key. Therefore, the recipient is certain that the message is indeed from the sender. The hash value is also used to verify that the message was not altered in transit.
4. Authentication (Identity and Certificate) If you buy books from Amazon.com, we want to know whether the Web site you are dealing with is really Amazon. You want Amazon Web server to authenticate itself to you and Amazon may want you to authenticate yourself to Amazon. What is the secure socket layer (SSL) protocol? The SSL security protocol provides data encryption, server authentication, message integrity, and optional client authentication for a TCP/IP connection. An SSL- enabled Web server can be linked with a URL starting with https (port 443) instead of http (port 80). Netscape patented SSL in 1997.httpshttp
How does an SSL-enabled browser authenticate the server? An SSL-enabled Web server should be certified by a trusted third party - Certifying Authority (CA). An SSL-enabled browser maintains a list of trusted CAs along with the public keys of the CAs. When a client browser wants to communicate with an SSL-enabled Web server, the browser obtains the server’s certificate. The certificate is issued by a CA and digitally signed with this CA’s private key. If the CA is in the browser’s list, the signature can be verified with this CA’s public key. If not, client’s browser issues a security alert.
What are principle differences between SET and SSL? The secure electronic transaction (SET) is a protocol specifically designed to secure payment-card transactions over Internet. The principle differences are The SET is designed to encrypt specific kinds of payment-related messages. It cannot be used to encrypt arbitrary data as can SSL. The SET protocol involves all three players on Internet, namely, the customer, the merchant, and the merchant’s bank. All sensitive information sent between the three parties is encrypted. The SET requires all three players to have certificates. The customer’s and merchant’s certificates must be issued by their bank, thereby assuring that these players are permitted to make and receive payment-card purchases.