CS470, A.SelcukReal-Time Communication Issues1 Real-Time Communication Security IPsec & SSL Issues CS 470 Introduction to Applied Cryptography Instructor:

Slides:



Advertisements
Similar presentations
CS470, A.SelcukIPsec – AH & ESP1 CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
Advertisements

TCP/IP Christopher Zacky. lolwut Decimal Numbers.
CS470, A.SelcukCryptographic Authentication1 Cryptographic Authentication Protocols CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
1 Lecture 17: SSL/TLS history, architecture basic handshake session initiation/resumption key computation negotiating cipher suites application: SET.
CS470, A.SelcukSSL/TLS & SET1 CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
SSL CS772 Fall Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.
CISCO NETWORKING ACADEMY Chabot College ELEC Transport Layer (4)
CMSC 414 Computer and Network Security Lecture 26 Jonathan Katz.
BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.
Chapter 5: TCP/IP and OSI Business Data Communications, 5e.
CS3505 The Internet and Info Hiway transport layer protocols : TCP/UDP.
Web Security CS-431. HTTP Authentication Protect web content from those who don’t have a “need to know” Require users to authenticate using a userid/password.
Chapter 5 Network Security Protocols in Practice Part I
ECE 454/CS 594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall.
1 Lecture 15: IPsec AH and ESP IPsec introduction: uses and modes IPsec concepts –security association –security policy database IPsec headers –authentication.
Henric Johnson1 Ola Flygt Växjö University, Sweden IP Security.
Crypto – chapter 16 - noack Introduction to network stcurity Chapter 16 - Stallings.
IPsec – IKE CS 470 Introduction to Applied Cryptography
CS470, A.SelcukIPsec Attacks1 IPsec ESP Attacks CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
K. Salah 1 Chapter 31 Security in the Internet. K. Salah 2 Figure 31.5 Position of TLS Transport Layer Security (TLS) was designed to provide security.
Chapter 4 : TCP/IP and OSI Business Data Communications, 4e.
1 Application TCPUDP IPICMPARPRARP Physical network Application TCP/IP Protocol Suite.
Networking and Internetworking: Standards and Protocols i206 Fall 2010 John Chuang Some slides adapted from Coulouris, Dollimore and Kindberg.
Securing TCP/IP Chapter 6. Introduction to Transmission Control Protocol/Internet Protocol (TCP/IP) TCP/IP comprises a suite of four protocols The protocols.
TCP. Learning objectives Reliable Transport in TCP TCP flow and Congestion Control.
Internet Security CSCE 813 IPsec. CSCE Farkas2 Reading Today: – Oppliger: IPSec: Chapter 14 – Stalllings: Network Security Essentials, 3 rd edition,
Key Distribution CS 470 Introduction to Applied Cryptography
Transport Layer TCP and UDP IS250 Spring 2010
Gursharan Singh Tatla Transport Layer 16-May
CSI315 Web Development Technologies Continued. Communication Layer information needs to get from one place to another –Computer- Computer –Software- Software.
1 Lecture 14: Real-Time Communication Security real-time communication – two parties interact in real time (as opposed to delayed communication like )
ECE 454/CS 594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall.
Introduction to Networks CS587x Lecture 1 Department of Computer Science Iowa State University.
1 Section 10.9 Internet Security Association and Key Management Protocol ISAKMP.
Cosc 4765 SSL/TLS and VPN. SSL and TLS We can apply this generally, but also from a prospective of web services. Multi-layered: –S-http (secure http),
IP Security Lawrence Taub IPSEC IP security — security built into the IP layer Provides host-to-host (or router-to-router) encryption and.
1 Network Security Lecture 8 IP Sec Waleed Ejaz
1 LAN Protocols (Week 3, Wednesday 9/10/2003) © Abdou Illia, Fall 2003.
TCP : Transmission Control Protocol Computer Network System Sirak Kaewjamnong.
Lecture 14 ISAKMP / IKE Internet Security Association and Key Management Protocol / Internet Key Exchange CIS CIS 5357 Network Security.
ECE 454/CS 594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall.
Transmission Control Protocol TCP. Transport layer function.
1 The Internet and Networked Multimedia. 2 Layering  Internet protocols are designed to work in layers, with each layer building on the facilities provided.
TCP/IP Protocols Contains Five Layers
Tunneling and Securing TCP Services Nathan Green.
Karlstad University IP security Ge Zhang
SSL/TLS How to send your credit card number securely over the internet.
CS 4244: Internet Programming Security 1.0. Introduction Client identification and cookies Basic Authentication Digest Authentication Secure HTTP.
Networking Basics CCNA 1 Chapter 11.
S305 – Network Infrastructure Chapter 5 Network and Transport Layers.
IP security Ge Zhang Packet-switched network is not Secure! The protocols were designed in the late 70s to early 80s –Very small network.
IPSec and TLS Lesson Introduction ●IPSec and the Internet key exchange protocol ●Transport layer security protocol.
1 Secure Key Exchange: Diffie-Hellman Exchange Dr. Rocky K. C. Chang 19 February, 2002.
IPSEC Modes of Operation. Breno de MedeirosFlorida State University Fall 2005 IPSEC  To establish a secure IPSEC connection two nodes must execute a.
K. Salah1 Security Protocols in the Internet IPSec.
@Yuan Xue CS 285 Network Security Placement of Security Function and Security Service Yuan Xue Fall 2013.
Cisco I Introduction to Networks Semester 1 Chapter 7 JEOPADY.
@Yuan Xue CS 285 Network Security Secure Socket Layer Yuan Xue Fall 2013.
Cryptography CSS 329 Lecture 13:SSL.
A special acknowledge goes to J.F Kurose and K.W. Ross Some of the slides used in this lecture are adapted from their original slides that accompany the.
@Yuan Xue CS 285 Network Security IP Security Yuan Xue Fall 2013.
© 2003, Cisco Systems, Inc. All rights reserved.
Chapter 5 Network Security Protocols in Practice Part I
The Transport Layer Implementation Services Functions Protocols
Introduction to TCP/IP networking
IT443 – Network Security Administration Instructor: Bo Sheng
Standards Basics.
What does this packet do?
Network Architecture Models: Layered Communications
Presentation transcript:

CS470, A.SelcukReal-Time Communication Issues1 Real-Time Communication Security IPsec & SSL Issues CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk

CS470, A.SelcukReal-Time Communication Issues2 The Internet A packet-switched network: Data to be transmitted is divided into “packets” Each packet is forwarded by “routers” towards the destination...

CS470, A.SelcukReal-Time Communication Issues3 Security of TCP/IP Communications The TCP/IP reference model: IP: delivery of packets to the destination TCP: reliability of the communication –ordering the packets –error detection & recovery –congestion control UDP: basic transport protocol Application Layer (HTTP, FTP, SMTP, etc.) Transport Layer (TCP, UDP) Network Layer (IP) Data Link Layer (PPP, Ethernet, etc.) Physical Layer

CS470, A.SelcukReal-Time Communication Issues4 Securing TCP/IP Layer 3: –can secure all IP comm., transparent to applications –must be built into the OS Layer 4: –doesn’t require OS modification; deployment easy Application L. Transport L. Network L. Data Link L. Physical L. Layer 4 (SSL/TLS) Layer 3 (IPsec)

CS470, A.SelcukReal-Time Communication Issues5 Real-Time Protocol Issues Interactive session security (unlike ) End-to-end security (encryption/authentication) requires layer 3 or 4 (or, layer 3.5 & 4.5) protection

CS470, A.SelcukReal-Time Communication Issues6 IPv4 Header |Version| IHL |Type of Service| Total Length | | Identification |Flags| Fragment Offset | | Time to Live | Protocol | Header Checksum | | Source Address | | Destination Address | | Options | Padding |

CS470, A.SelcukReal-Time Communication Issues7 TCP Header | Source Port | Destination Port | | Sequence Number | | Acknowledgment Number | | Data | |U|A|P|R|S|F| | | Offset| Reserved |R|C|S|S|Y|I| Window | | | |G|K|H|T|N|N| | | Checksum | Urgent Pointer | | Options | Padding | | data |

CS470, A.SelcukReal-Time Communication Issues8 UDP Header | Source Port | Destination Port | | Length | Checksum |

CS470, A.SelcukReal-Time Communication Issues9 Layer 4 (SSL) Implemented on top of layer 4, between TCP & application Doesn’t require any modifications to OS (deployment made easy!)

CS470, A.SelcukReal-Time Communication Issues10 Layer 3 (IPsec) Implemented between IP & TCP Each IP packet authenticated separately Built in the OS Can secure all IP communication Host-to-host and network-to-network application is common; process-to-process also possible

CS470, A.SelcukReal-Time Communication Issues11 Session Key Establishment Message authentication with a session key is needed against connection hijacking Sequence numbers needed against packet replays (different from TCP seq.no.) Session key reset before seq.no. wraps around For freshness guarantee, both parties should contribute to the session key

CS470, A.SelcukReal-Time Communication Issues12 Perfect Forward Secrecy PFS: Compromise of long-term secrets doesn’t compromise session keys Example: DH with RSA authentication Non-PFS examples: –Kerberos –Session key transport with RSA encryption By-product: Escrow prevention Conversations can’t be decrypted by authorities holding copies of long-term private keys

CS470, A.SelcukReal-Time Communication Issues13 DoS Protection If attacker can make server do DH exponentiation by just initiating a session, DoS is made easy Protection: –cookies –puzzles

CS470, A.SelcukReal-Time Communication Issues14 DoS Protection – Cookie Solution Server responds to session requests with a random number (cookie). Initiator has to respond back with that cookie to continue Attacker would either –reveal its address –or, abort the attack Stateless cookies: cookie is H(IP address, secret); server doesn’t remember it.

CS470, A.SelcukReal-Time Communication Issues15 DoS Protection – Puzzle Solution Server requires initiator to solve a puzzle E.g., MD5(x) = …, x = ?, for an n-bit x. Solving is slow, verification fast. Can be made adaptive to increasing load. (how?) Can be made stateless. (how?) Can be used against spam as well

CS470, A.SelcukReal-Time Communication Issues16 Identity Hiding Hiding the parties’ identities from eavesdroppers Do DH without authentication. Then send the authentication info encrypted under the session key. Passive attacker can’t learn identities

CS470, A.SelcukReal-Time Communication Issues17 Live Partner Assurance Against replays, different DH exponents must be used in different sessions DH exponentiation is expensive; problem for servers, low-end clients Solution: Constant DH exponents, different nonces. Incorporate nonces into the session key. E.g., K = H(g ab mod p, nonces)

CS470, A.SelcukReal-Time Communication Issues18 Other Issues Session resumption: Use previously established session keys to bypass public-key authentication Deniability: Don’t use signatures for authentication. Use encryption with public keys. (e.g., the SKEME protocol) Crypto negotiations: Key exchange protocols negotiate the algorithms to be used as well

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.