Security and Authentication (continued): CS-4513 Distributed Computing Systems, D-term 2008


1 Security & Authentication (continued) CS-4513 D-term 2008
Security and Authentication (continued)
CS-4513 Distributed Computing Systems
(Slides include materials from Operating System Concepts, 7th ed., by Silberschatz, Galvin, & Gagne; Distributed Systems: Principles & Paradigms, 2nd ed., by Tanenbaum and Van Steen; and Modern Operating Systems, 2nd ed., by Tanenbaum)

2 Review
Authentication
– How to identify someone
– How to establish that they are who they say they are
– Fundamental to establishing authority in Distributed Systems
– Everything else is based on trust that the person or agent doing something has the authority to do it
Threats
– Masquerading as someone else
– Intercepting / corrupting communications

3 Review (continued)
Passwords
– Easy to steal
– Easy to guess or “crack”
Human frailties
– Errors
– Dilemmas (“social engineering”)

4 Video

5 Reading Assignments
– Allman, Eric, “E-mail Authentication: what? Why? How?,” ACM Queue, November 2006, pp 30-34. (.pdf)
– One of
  – Tanenbaum, MOS, Chapter 9
  – Silberschatz, OSP, Chapters 14-15
  – Tanenbaum & van Steen, Chapter 9

6 Fun with Cryptography
– What is cryptography about?
– General Principles of Cryptography
– Basic Protocols
  – Single-key cryptography
  – Public-key cryptography
– A short intro to key distribution

7 Cryptography as a Security Tool
Broadest security tool available
– Fundamental foundation for secure storage and communication
– Basis for establishing trust
– Means to constrain potential senders (sources) and / or receivers (destinations) of messages
– Means to detect/prevent intrusion or corruption
– (Cannot prevent denial of service attacks)

8 Principles
– Cryptography is about the exchange of messages
– The key to success is that all parties to an exchange trust that the system will both protect them from threats and accurately convey their message
– TRUST is essential

9 Note
Data storage is just another means of communication
– Writing data ⇔ Sending message
– Reading data ⇔ Receiving message
  – Perhaps much, much later!
– Integrity of data ⇔ Integrity of message

10 Basic Premise of Cryptography
– Algorithms are (usually) public
  – Orders of magnitude easier to compute in forward (normal) direction than in reverse (attack) direction
– Keys are always secret
  – Enough bits to prevent trying all key values
– Key management is a very big deal
  – Heart of all successful cryptographic systems

11 Conventional Wisdom
– Algorithms must be public and verifiable
– We need to be able to estimate the risk of compromise
– The solution must be practical for its users, and impractical for an attacker to break

12 Public Policy Dilemma
– Algorithm intended to be a public standard must be subject to scrutiny of its users
  – I.e., banks, industry, commerce, etc.
  – To establish trust that it is good enough!
– Any algorithm good enough to protect billions of $$ of funds & commerce will be too hard for governments to penetrate!
  – Crime, terrorism, etc.

13 Ergo …
– Governments tend to use secret encryption methods and algorithms for the most secure communications
– Sometimes, confidence in such algorithms is misplaced!

14 History
– Most secret algorithms have been broken
  – Prior to computing age, at least
– Vulnerabilities
  – Redundancy in human languages
  – Repeatability or lack of randomness in algorithm
  – Repeatability or lack of randomness in keys

15 Guidelines
– Cryptography is always based on algorithms which are orders of magnitude easier to compute in the forward (normal) direction than in the reverse (attack) direction.
– The attacker’s problem is never harder than trying all possible keys
– The more material the attacker has, the easier his task

16 Example
What is 314159265358979 × 314159265358979?
vs.
What are prime factors of 3912571506419387090594828508241?

17 Caveat
– We cannot mathematically PROVE that the inverse operations are really as hard as they seem to be… It is all relative…
– The Fundamental Tenet of Cryptography: If lots of smart people have failed to solve a problem, it won’t be solved (soon)

18 Time marches on…
– We must assume that there will always be improvements in computational power, mathematics and algorithms.
  – Messages which hang around get less secure with time!
– Increases in computing power help the good guys and hurt the bad guys for new and short-lived messages

19 Two fundamental approaches
Symmetric
– Sender and receiver must share the key
Asymmetric
– Keys are paired
– Sender uses one, receiver uses its mate

20 Two fundamental approaches
Symmetric
– Sender and receiver must share the key
– ⇒ there must be a secure way to get key from one to the other
Asymmetric
– Keys are paired
– Sender uses one, receiver uses its mate
– ⇒ there must be a secure way to get key from one to the other

21 Secret key cryptography (Symmetric)
Cleartext T → f(T, K) → Cyphertext C → g(C, K) → Cleartext T
(the same key K is used at both ends)

22 Secret Key Methods
– DES (56 bit key)
– IDEA (128 bit key) http://www.mediacrypt.com/community/index.asp
– Triple DES (three 56 bit keys)
– AES
  – From NIST, 2000
  – choice of key sizes up to 256 bits and more
  – Commercial implementations available

23 Reducing the Vulnerability
– Minimize the amount of information encrypted with shared key K
– Use K to encrypt a random number to obtain a session key
  – I.e., used for one connection, conversation, exchange, etc.
  – Discarded when channel is ended.

24 Diffie–Hellman
Alice and Bob agree on p, g
– Alice: choose random A, send $T_A = g^A \bmod p$, compute $(T_B)^A$
– Bob: choose random B, send $T_B = g^B \bmod p$, compute $(T_A)^B$
Shared secret key for this session is $g^{AB} \bmod p$ (the shared key!)

25 D–H Problems
– Not in itself an encryption method – we must still do a secret key encryption
  – The body of the message
– Still must distribute the shared key safely
– Subject to a “man in the middle” attack (Alice thinks she is talking to Bob, but actually Trudy is intercepting all of the messages and substituting her own)
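
Added example (not part of the original slides): the exchange above in Python, run once honestly and once with Trudy substituting her own value for both T_A and T_B, which shows why the public values have to be authenticated. P and G are toy parameters, and the fingerprint comparison is an assumed out-of-band check; neither comes from the slides.

```python
import hashlib
import secrets

# Toy public parameters constructed for this example. Real groups are
# 2048 bits or more; 2**64 - 59 only shows the arithmetic.
P = 2**64 - 59
G = 5

def keypair():
    """Pick a random secret exponent x; return (x, T = g^x mod p)."""
    x = secrets.randbelow(P - 3) + 2
    return x, pow(G, x, P)

def session_key(their_t, my_secret):
    """(T_other)^my_secret mod p, which is g^(AB) mod p in an honest run."""
    return pow(their_t, my_secret, P)

def fingerprint(t_a, t_b):
    """Digest of the two public values as one party saw them. Assumed check:
    Alice and Bob compare it over a channel Trudy cannot alter."""
    return hashlib.sha256(f"{t_a}|{t_b}".encode()).hexdigest()[:16]

def run(intercepted):
    """One exchange; if intercepted, Trudy swaps in T_T for T_A and T_B."""
    a, t_a = keypair()
    b, t_b = keypair()
    t, t_t = keypair()
    seen_by_alice = t_t if intercepted else t_b   # arrives labelled "T_B"
    seen_by_bob = t_t if intercepted else t_a     # arrives labelled "T_A"
    return {
        "alice_key": session_key(seen_by_alice, a),
        "bob_key": session_key(seen_by_bob, b),
        "trudy_alice": session_key(t_a, t),   # what Trudy can compute
        "trudy_bob": session_key(t_b, t),
        "alice_fp": fingerprint(t_a, seen_by_alice),
        "bob_fp": fingerprint(seen_by_bob, t_b),
    }

if __name__ == "__main__":
    for mode in (False, True):
        r = run(mode)
        print("intercepted" if mode else "honest",
              r["alice_key"] == r["bob_key"], r["alice_fp"] == r["bob_fp"])
```

In the intercepted run each victim shares a key with Trudy rather than with the other party, and the mismatch in fingerprints is the only visible sign.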

26 Questions about Secret Key Methods?

27 RSA Public Key Cryptography (Asymmetric Keys)
Cleartext T → f() with Key #1 → Cyphertext C → f() with Key #2 → Cleartext T
– Key #1 can be either a Public Key or a Private Key.
– Key #2 is then the corresponding Private Key or Public Key.

28 RSA Public Key Cryptography
Rivest, Shamir and Adleman (1978)
– I can send messages that only you can read
– I can verify that you and only you could have sent a message
– I can use a trusted authority to distribute my public key
  – The trusted authority is for your benefit!

29 RSA Details
– Uses same operation to encrypt and decrypt
– To encrypt, we will use “e” as a key, to decrypt we will use “d” as a key
– e and d are inverses with respect to the chosen algorithm

30 RSA Details (continued)
– Based on mathematical premise that finding prime factors of large numbers is difficult computationally
  – No known solution despite 100’s of years of trying!
– Note: Finding primes is also hard

31 RSA Details (continued)
– Let p and q be two large primes
  – 500-700 bits in length
– Let $n = p \times q$
– Let $z = (p - 1) \times (q - 1)$
– Choose d to be relatively prime to z
– Choose e such that $d \times e = 1 \bmod z$
– Publish n and either d or e (but not both!)

32 RSA Details (continued)
– Encryption: $\text{Cyphertext} = (\text{Cleartext})^e \bmod n$
– Decryption: $\text{Cleartext} = (\text{Cyphertext})^d \bmod n$
– Typical d will be on the order of 500 to 700 bits
– The cost of the algorithm is between 1× and 2× the size of n,
  – Each operation is a giant shift and add (multiply by a power of 2)

33 RSA Details (continued)
References
– Tanenbaum & van Steen, §9.1.3
– Silberschatz, §15.4.1.2

34 RSA Problems
– It is computationally much more costly than typical secret-key methods
  – Impractical to use for message encryption
  – Use RSA to encrypt a random session key
  – Encrypt the message with the session key and append/prefix the RSA encrypted key
– Requires a “Public Key Infrastructure” for effective key generation and distribution
  – Chain of trust thing again!
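
Added example (not from the original slides): the key set-up of slide 31, the single encrypt/decrypt operation of slide 32, and the session-key wrapping of slide 34, in Python. The two primes are toy-sized Mersenne primes picked for the demo, keystream_xor is a stand-in for a real secret-key cipher such as AES, and all function names are illustrative.

```python
import hashlib
import math
import secrets

TOY_P, TOY_Q = 2**61 - 1, 2**89 - 1   # constructed demo primes, far too small

def make_keys(p, q):
    """Slide 31: n = p*q, z = (p-1)(q-1), d coprime to z, d*e = 1 mod z."""
    n, z = p * q, (p - 1) * (q - 1)
    while True:
        d = secrets.randbelow(z - 3) + 3
        if math.gcd(d, z) == 1:
            break
    e = pow(d, -1, z)                 # modular inverse (Python 3.8+)
    return n, e, d

def rsa(value, key, n):
    """Slide 32: the same operation encrypts and decrypts, value^key mod n.
    No padding is applied, so this is the bare arithmetic only."""
    return pow(value, key, n)

def keystream_xor(data, session_key):
    """Demo-only symmetric cipher: XOR with SHA-256(key || block offset)."""
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(session_key.to_bytes(16, "big")
                             + i.to_bytes(8, "big")).digest()
        out += bytes(x ^ y for x, y in zip(data[i:i + 32], pad))
    return bytes(out)

def send(message, e, n):
    """Slide 34: RSA-encrypt a fresh random session key, then encrypt the
    body with that session key and ship the two together."""
    k = secrets.randbits(128)
    return rsa(k, e, n), keystream_xor(message, k)

def receive(wrapped_key, body, d, n):
    """Recover the session key with d, then decrypt the body with it."""
    return keystream_xor(body, rsa(wrapped_key, d, n))

if __name__ == "__main__":
    n, e, d = make_keys(TOY_P, TOY_Q)
    wrapped, body = send(b"meet at the usual place", e, n)
    print(receive(wrapped, body, d, n))
```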

35 Questions about Public Key Encryption?

36 Authentication using Secure Channels

37 Authentication using Secure Channels
– At this point, Bob knows he is talking with Alice

38 Authentication using Secure Channels
– At this point, Bob knows he is talking with Alice
– Not until this point does Alice know she is talking with Bob

39 What is wrong with this “Optimization”?

40 Subject to “Reflection Attack”
– Attacker cons Bob into encrypting $R_B$ for him
– “Reflection” attack

41 Reflection Attack
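
Added example (not from the original slides, whose protocol figures are not reproduced in this transcript): a responder for the shortened challenge-response, assumed here to be message 1 = R_A, message 2 = R_B plus K_AB(R_A), message 3 = K_AB(R_B), next to a hardened form that binds the prover's role into each response. HMAC-SHA256 stands in for encryption under K_AB, and the class and function names are illustrative.

```python
import hashlib
import hmac
import secrets

class Bob:
    """Responder holding K_AB. hardened=False is the shortened protocol."""
    def __init__(self, key, hardened):
        self.key, self.hardened, self.pending = key, hardened, {}

    def _prove(self, role, challenge):
        # Hardened form: the prover's role is part of the MAC input, so a
        # response produced by Bob can never be accepted as Alice's.
        label = role if self.hardened else b""
        return hmac.new(self.key, label + challenge, hashlib.sha256).digest()

    def hello(self, session, r_a):
        """Message 1 in, message 2 out: (R_B, K_AB(R_A))."""
        r_b = secrets.token_bytes(16)
        self.pending[session] = r_b
        return r_b, self._prove(b"bob", r_a)

    def finish(self, session, response):
        """Message 3: accept only K_AB(R_B) for this session's R_B."""
        r_b = self.pending.pop(session)
        return hmac.compare_digest(response, self._prove(b"alice", r_b))

def reflect(bob):
    """Test harness: a peer without K_AB takes the challenge from session 1,
    submits it as its own challenge in session 2, and hands Bob's answer
    back in session 1. Returns Bob's verdict on session 1."""
    r_b, _ = bob.hello(1, secrets.token_bytes(16))
    _, borrowed = bob.hello(2, r_b)
    return bob.finish(1, borrowed)

def honest(bob, key):
    """A peer that really holds K_AB completes one session."""
    r_b, _ = bob.hello(1, secrets.token_bytes(16))
    label = b"alice" if bob.hardened else b""
    return bob.finish(1, hmac.new(key, label + r_b, hashlib.sha256).digest())

if __name__ == "__main__":
    k = secrets.token_bytes(32)
    print("shortened protocol accepts reflection:", reflect(Bob(k, False)))
    print("hardened protocol accepts reflection: ", reflect(Bob(k, True)))
```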

42 Key Distribution Server
– Alice requests secure channel to Bob
– KDC generates session key $K_{A,B}$
– KDC sends secure messages to both Alice and Bob containing $K_{A,B}$

43 Key Distribution Server (continued)
– Alice requests secure channel to Bob
– KDC generates session key $K_{A,B}$ and ticket to speak with Bob
– Alice uses ticket to contact Bob

44 Needham-Schroeder Protocol
– Nonce – a random number that is never re-used
  – E.g., $R_{A1}$, $R_{A2}$, and $R_B$
  – Prevents intruder from replaying old tickets

45 Kerberos
– Single sign-on system
  – One login used to generate tickets for authenticating shared services on distributed system
  – No passwords maintained by any client
– Two parts
  – AS – Authentication Service
  – TGS – Ticket Granting Service
– Once authenticated, user may ask TGS for a ticket for a session with any service.

46 Kerberos (continued)

47 Kerberos (continued)
– With ticket, Alice can communicate securely with Bob.
– Alice knows it is Bob because only Bob could decrypt ticket
– Bob knows that it is Alice because TGS said it was
– Timestamp prevents replaying old sessions

48 Key Distribution
– Many variations
  – Secret (symmetric) keys
  – Public (asymmetric) keys
– Always based on trust
– Central part of any distributed system that requires authentication

49 Questions?

