Distributed Operating Systems CS551 Colorado State University at Lockheed-Martin Lecture 9 -- Spring 2001.

Slides:



Advertisements
Similar presentations
CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (3) Information Security.
Advertisements

Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
1 Network Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Chapter 14 From Cryptography and Network Security Fourth Edition written by William Stallings, and Lecture slides by Lawrie Brown, the Australian Defence.
1 Digital Signatures & Authentication Protocols. 2 Digital Signatures have looked at message authentication –but does not address issues of lack of trust.
CS555Spring 2012/Topic 161 Cryptography CS 555 Topic 16: Key Management and The Need for Public Key Cryptography.
Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:
Spring 2002CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Wireless Security In wireless networks. Security and Assurance - Goals Integrity Modified only in acceptable ways Modified only by authorized people Modified.
ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.
8-1 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents m sender encrypts message m receiver.
EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 7 Wenbing Zhao Department of Electrical and Computer Engineering.
EEC 688/788 Secure and Dependable Computing Lecture 7 Wenbing Zhao Department of Electrical and Computer Engineering Cleveland State University
McGraw-Hill©The McGraw-Hill Companies, Inc., Security PART VII.
EECC694 - Shaaban #1 lec #16 Spring Properties of Secure Network Communication Secrecy: Only the sender and intended receiver should be able.
Spring 2003CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.
TCP/IP Protocol Suite 1 Chapter 28 Upon completion you will be able to: Security Differentiate between two categories of cryptography schemes Understand.
8: Network Security8-1 Symmetric key cryptography symmetric key crypto: Bob and Alice share know same (symmetric) key: K r e.g., key is knowing substitution.
1 CS 194: Distributed Systems Security Scott Shenker and Ion Stoica Computer Science Division Department of Electrical Engineering and Computer Sciences.
Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved DISTRIBUTED SYSTEMS.
Chapter 13: Electronic Commerce and Information Security Invitation to Computer Science, C++ Version, Fourth Edition SP09: Contains security section (13.4)
Alexander Potapov.  Authentication definition  Protocol architectures  Cryptographic properties  Freshness  Types of attack on protocols  Two-way.
Encryption. Introduction Computer security is the prevention of or protection against –access to information by unauthorized recipients –intentional but.
Public Key Model 8. Cryptography part 2.
1 Fluency with Information Technology Lawrence Snyder Chapter 17 Privacy & Digital Security Encryption.
CS5204 – Fall Cryptographic Security Presenter: Hamid Al-Hamadi October 13, 2009.
Network Security. An Introduction to Cryptography The encryption model (for a symmetric-key cipher).
Chi-Cheng Lin, Winona State University CS 313 Introduction to Computer Networking & Telecommunication Network Security (A Very Brief Introduction)
Part Two Network Security Applications Chapter 4 Key Distribution and User Authentication.
Network Security. Information secrecy-only specified parties know the information exchanged. Provided by criptography. Information integrity-the information.
Network Security. Cryptography Cryptography functions Secret key (e.g., DES) Public key (e.g., RSA) Message digest (e.g., MD5) Security services Privacy:
_______________________________________________________________________________________________________________ E-Commerce: Fundamentals and Applications1.
RSA Implementation. What is Encryption ? Encryption is the transformation of data into a form that is as close to impossible as possible to read without.
Cryptography  Why Cryptography  Symmetric Encryption  Key exchange  Public-Key Cryptography  Key exchange  Certification.
Dr. L. Christofi1 Local & Metropolitan Area Networks ACOE322 Lecture 8 Network Security.
Midterm Review Cryptography & Network Security
CS526: Information Security Prof. Sam Wagstaff September 16, 2003 Cryptography Basics.
4 th lecture.  Message to be encrypted: HELLO  Key: XMCKL H E L L O message 7 (H) 4 (E) 11 (L) 11 (L) 14 (O) message + 23 (X) 12 (M) 2 (C) 10 (K) 11.
Cryptography Wei Wu. Internet Threat Model Client Network Not trusted!!
23-1 Last time □ P2P □ Security ♦ Intro ♦ Principles of cryptography.
Network Security David Lazăr.
Encryption Questions answered in this lecture: How does encryption provide privacy? How does encryption provide authentication? What is public key encryption?
30.1 Chapter 30 Cryptography Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved DISTRIBUTED.
Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved DISTRIBUTED SYSTEMS.
Advanced Database Course (ESED5204) Eng. Hanan Alyazji University of Palestine Software Engineering Department.
Encryption No. 1  Seattle Pacific University Encryption: Protecting Your Data While in Transit Kevin Bolding Electrical Engineering Seattle Pacific University.
1 Network Security Basics. 2 Network Security Foundations: r what is security? r cryptography r authentication r message integrity r key distribution.
Security Many secure IT systems are like a house with a locked front door but with a side window open -somebody.
31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
Public Key Cryptosystems RSA Diffie-Hellman Department of Computer Engineering Sharif University of Technology 3/8/2006.
TCP/IP Protocol Suite 1 Chapter 30 Security Credit: most slides from Forouzan, TCP/IP protocol suit.
Encryption CS110: Computer Science and the Internet.
CS 6401 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
CS 4803 Fall 04 Public Key Algorithms. Modular Arithmetic n Public key algorithms are based on modular arithmetic. n Modular addition. n Modular multiplication.
Group 9 Chapter 8.3 – 8.6. Public Key Algorithms  Symmetric Key Algorithms face an inherent problem  Keys must be distributed to all parties but kept.
Protocol Analysis. CSCE Farkas 2 Cryptographic Protocols Two or more parties Communication over insecure network Cryptography used to achieve goal.
Chapter 40 Network Security (Access Control, Encryption, Firewalls)
EE 122: Lecture 24 (Security) Ion Stoica December 4, 2001.
Cryptographic Security Aveek Chakraborty CS5204 – Operating Systems1.
Department of Computer Science Chapter 5 Introduction to Cryptography Semester 1.
Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved DISTRIBUTED SYSTEMS.
1 AGREEMENT PROTOCOLS. 2 Introduction Processes/Sites in distributed systems often compete as well as cooperate to achieve a common goal. Mutual Trust/agreement.
Fourth Edition by William Stallings Lecture slides by Lawrie Brown
Security Outline Encryption Algorithms Authentication Protocols
PART VII Security.
Public-Key, Digital Signatures, Management, Security
Presentation transcript:

Distributed Operating Systems CS551 Colorado State University at Lockheed-Martin Lecture 9 -- Spring 2001

11 April 2001CS-551, Lecture 92 CS551: Lecture 9 n Topics – Distributed Security (Chapter 11) n Cryptography & Digital Signatures n Authentication n Access Controls (Firewalls) – Other Algorithms

11 April 2001CS-551, Lecture 93 Terms n Computer security: “frequently consists of two parts: authentication and access control” n Authentication: “involves the verification and identification of a valid user” n Access control: “strives to prevent unwanted tampering with data files and system resources”

11 April 2001CS-551, Lecture 94 Terms, continued n Encryption: “encoding data using a key in such a manner that an eavesdropper cannot easily read the data” n Plaintext: “ the original data” n Ciphertext: “the encrypted data” n Decryption: “going from ciphertext to plaintext”

11 April 2001CS-551, Lecture 95 Terms, concluded n Computationally secure: “An encryption algorithm is computationally secure if the system cannot be broken by systematic analysis with available resources.” n Private key versus public key n Symmetric versus asymmetric encryption

11 April 2001CS-551, Lecture 96 Simple Encryption n Cereal box code ring n See Java assignment on encryption – Caesar cipher – Polyalphabetic cipher

11 April 2001CS-551, Lecture 97 Figure 11.1 Alice and Bob Use Cryptography. Read I as J in Cypher text

11 April 2001CS-551, Lecture 98 Symmetric Encryption n “encryption algorithms where the encryption and the decryption algorithm utilize the same key” n Examples: – Caesar cipher – Polyalphabetic cipher n Key must be private n “Secret-key encryption” n Q: how to communicate the key? – Diffie-Hellman key exchange

11 April 2001CS-551, Lecture 99 Figure 11.5 Diffie-Hellman Key exchange.

11 April 2001CS-551, Lecture 910 DES: Data Encryption Standard n Popular private key encryption method n US standard (NIST 1977) n Based on IBM’s LUCIFER system n 64-bit key (8 for error detection) n Encrypts data in blocks of 64 bits n 70,000,000,000,000,000 possible keys n Three-phrase encryption and decryption

11 April 2001CS-551, Lecture 911 DES Phase 1: Initial Permutation n A permutation of the 64-bit block, changing the order of bits within each block n Each 64-bits broken up into two halves – L 0, left half – R 0, right half n See DES Permutation Table – E.g. the new first bit was the 58 th bit – The new last bit was the 7 th bit

11 April 2001CS-551, Lecture 912 Table 11.1 DES Initial Permutation [NIST77].

11 April 2001CS-551, Lecture 913 DES Phase 2: Shifting (16 times) n Table-dependent n Each shift uses different subblock of key n Which subblock is used is determined by – another set of tables – its own shifting algorithm n The subscripts of the left and right halves are incremented with each shift

11 April 2001CS-551, Lecture 914 DES Phase 3: Inverse Permutation n Similar to Phase 1 – Permutes order of bits within each block n Employs the DES Inverse Permutation table n Generates the final ciphertext n See figure 11.2

11 April 2001CS-551, Lecture 915 Table 11.2 DES Inverse Permutation [NIST77].

11 April 2001CS-551, Lecture 916 Figure 11.2 The Three Phases of DES.

11 April 2001CS-551, Lecture 917 Triple DES n Enhanced security n Employs three 64-bit keys n DES is used three times on the data, each time with a different key – E(P, k 1 ) = C 1 – E(C 1, k 2 ) = C 2 – E(C 2, k 3 ) = C 3 (ciphertext)

11 April 2001CS-551, Lecture 918 Figure 11.3 Triple DES.

11 April 2001CS-551, Lecture 919 Asymmetric Encryption n Involves two keys – A public key, k u – A private key, k r n E(P, k u ) = C and D(C, k r ) = P OR n E(P, k r ) = C and D(C, k u ) = P n Do not decrypt ciphertext with same key as encryption key n Mathematically difficult to obtain one key from the other n Example: Diffie-Hellman, 1976

11 April 2001CS-551, Lecture 920 Figure 11.4 Public-Key Cryptography. Output is ???? Where K r != K u Does not use K r Appears to use K u

11 April 2001CS-551, Lecture 921 RSA n By Rivest, Shamir, and Adleman (1978) n A public-key encryption algorithm n Patented n Three phases

11 April 2001CS-551, Lecture 922 RSA Phase 1 n Determining public and private keys 1. Choose two large prime numbers, P and Q 2. Compute N = P * Q 3. Compute F(N) = (P – 1) (Q – 1) 4. Choose e: 1 <= e <= N–1; GCD (e, F(N)) = 1 5. Compute d, where ed = 1 (mod F(N)) 6. Make d and N public as they make up the public key

11 April 2001CS-551, Lecture 923 RSA Phases 2 and 3 n Phase 2: Encrypting the message, M – 1 <= M <= N – 1 – C = M e (mod N), ciphertext n Phase 3: Decrypting the ciphertext, C – C d (mod N) = M, original message

11 April 2001CS-551, Lecture 924 RSA Example n Phase 1: 1. Alice chooses P=5, Q=11 2. So, N = P*Q = F(N) = (P - 1) (Q - 1) = Choose e = 7 [GCD(40,7) = 1] 5. Determine D = 23 since 7*23 (mod 40) = 161 (mod 40) = 1

11 April 2001CS-551, Lecture 925 RSA Example, continued n Phase 2 1. Send message M = Compute C = M e (mod N) = 25 7 (mod 55) = 610,351,625 (mod 55) = 20 (ciphertext)

11 April 2001CS-551, Lecture 926 RSA Example, concluded n Phase 3 1. C = C d (mod N) = M So (mod 55) = *10 23 (mod 55) = 25 = M

11 April 2001CS-551, Lecture 927 Figure 11.5 Diffie-Hellman Key exchange.

11 April 2001CS-551, Lecture 928 Diffie-Hellman Example 1. Alice and Bob agree to let p=11, a=7 2. Alice generates x=5, where 2 <= 5 <= Alice computes a x (mod p) = 7 5 (mod 11) = (mod 11) = 10 and sends 10 to Bob 4. Bob generates y=8, where 2 <= 8 <= Bob computes a y (mod p) = 7 8 (mod 11) = 5,764,801 (mod 11) = 9 and sends 9 to Alice 6. Bob computes (a x ) y (mod p) = (7 5 ) 8 (mod 11) = 7 5*8 (mod 11) 7. Alice computes (a y ) x (mod p) = (7 8 ) 5 (mod 11) = 7 8*5 (mod 11)

11 April 2001CS-551, Lecture 929 Digital Signatures with Public-Key Encryption n Employs RSA n May use private key to encrypt – Entire file (expensive) – Just signature n Advantage: no key distribution problems n Recipient may use public key to decrypt and verify origin n Only proper public key will decrypt

11 April 2001CS-551, Lecture 930 Authentication n Several steps necessary n First step is verifying identity of user n Three methods – User password – User key – Uniqueness of user (fingerprint, retina pattern) n Note: these methods work on centralized systems as well

11 April 2001CS-551, Lecture 931 Authentication in a DS n Concerns: – Eavesdropping – Multiple password management – Replay – Trust n Common solution: certificates

11 April 2001CS-551, Lecture 932 Certificates n “a computer-generated, frequently time- valid, authenticated packet of information” n Time-valid => prevents later replay – Can be done with timestamp or nonce – Nonce: “a random value unique for each communication” n Two approaches: – List of certificates, e.g. X.509 – Centralized certificate distribution center

11 April 2001CS-551, Lecture 933 Figure 11.6 Certificate List Utilized in Secure RPC.

11 April 2001CS-551, Lecture 934 Figure 11.7 Three-Way X.509 Authentication.

11 April 2001CS-551, Lecture 935 Figure 11.8 Chaining Certificate Authorities in X.509.

11 April 2001CS-551, Lecture 936 Figure 11.9 Kerberos Phase 1 Details. ID T = Ticket Granting Service’s ID ID C = Client’s ID ID S = Server’s ID N i = Nonce value K C = Client’s private key K S = Application Server’s key K T = Ticket Granting Service’s private key K 1 = System Ticket K 2 = Service Ticket T S = Starting Time Stamp T E = Ending Time Stamp E(a,K) = Applications on encryption algorithm to a with key K

11 April 2001CS-551, Lecture 937 Figure Kerberos Phase 2 Details.

11 April 2001CS-551, Lecture 938 Figure Kerberos Phase 3 Details.

11 April 2001CS-551, Lecture 939 Access Control (Firewalls) n Firewall: “should be immune to security threats and prevent all security threats from passing through the wall and to the system(s) it protects” n Categories – Packet-filtering gateways – Proxy services n Both types may be used together

11 April 2001CS-551, Lecture 940 Packet Filtering Gateways n “involves a security engineer who must explicitly state what may pass through the wall … what internal information may go out of the firewall as well as what outside locations are allowed … may specify what internal computer services may be shared with the outside world.” n “generally implemented on the router that connects the internal system to the outside world”

11 April 2001CS-551, Lecture 941 Firewall Routers n “provide a better user interface” n “easier to configure for security-based filtering” n Uses source/destination IP addresses n Checks IP addresses against table of rules

11 April 2001CS-551, Lecture 942 Proxy Servers n “represents an internal client’s services to the outside world” n Two basic types – Application-level gateway proxy services – Circuit-level proxy services

11 April 2001CS-551, Lecture 943 Application-level gateways n Bastion hosts n Dual-homed hosts

11 April 2001CS-551, Lecture 944 Circuit-level gateways n Transparent to user

11 April 2001CS-551, Lecture 945 Firewall Architectures n Bastion host architecture n Filtering host architecture n Filtering subnet architecture

11 April 2001CS-551, Lecture 946 Figure Bastion Host Firewall Architecture.

11 April 2001CS-551, Lecture 947 Figure Filtering Host Firewall Architecture.

11 April 2001CS-551, Lecture 948 Figure Filtering Subnet Firewall Architecture.

11 April 2001CS-551, Lecture 949 Agreement Protocols n Distributed processes sometimes must agree n If some sites are faulty, this can be difficult – Need to identify/isolate the faults n Model assumptions: – n PEs, at most m PEs are faulty – PEs can communicate directly with each other – Receiver can always determine sender of a msg – Communication medium is reliable – PEs can fail

11 April 2001CS-551, Lecture 950 Synchronous Computation n A step (or round) consists of the following: – Receive messages – Compute – Send messages n PEs in lockstep n This model is assumed

11 April 2001CS-551, Lecture 951 Asynchronous Computation n No synchronization – At any time, a PE can n Send messages n Compute n Receive messages n Agreement problem is unsolvable in this case

11 April 2001CS-551, Lecture 952 PE Failure Model (modes) n Crash fault – PE stops, does not restart n Omission fault – PE omits to send a message that it should have n Malicious fault – Random behavior n E.g. sends fictitious messages n If a non-faulty PE doesn’t receive a message, it can make up a message

11 April 2001CS-551, Lecture 953 Authenticated Messages n Also called signed messages n A message cannot be forged or modified by a faulty PE n Non-authenticated messages – PE can forge or modify a message n As it relays it to the next node

11 April 2001CS-551, Lecture 954 Performance n Time – Number of rounds to reach agreement n Message traffic – Number of messages needed to reach agreement n Storage overhead – Amount of information stored at each node

11 April 2001CS-551, Lecture 955 Types of Agreement Problems n Byzantine Agreement Problem n Consensus Problem n Interactive Consistency Problem Recall Lamport’s Byzantine Generals paper

11 April 2001CS-551, Lecture 956 Byzantine Agreement Problems n An arbitrary (source) PE broadcasts a value n Solution: – Agreement n All non-faulty PEs agree on one value – Validity n If source PE is non-faulty, then agree on source’s initial value – If source is faulty, can agree on any value – Faulty PE can agree or not (don’t care)

11 April 2001CS-551, Lecture 957 Consensus Problems n All PEs broadcast initial values to all PEs n Solution: – Agreement n All non-faulty PEs agree on one value – Validity n If all non-faulty PEs start with same value, they will agree on that value

11 April 2001CS-551, Lecture 958 Interactive Consistency Problem n All PEs broadcast initial values to all PEs n Solution: – Agreement n All non-faulty PEs agree on vector v 1, v 2, …, v n – Validity n If i th PE is non-faulty and its value is v i, then all non-faulty PEs end with v i as i th value

11 April 2001CS-551, Lecture 959 How the problems compare n Byzantine is special case of interactive problem – Only uses one of the vector values n If each PE runs a copy of Byzantine, then this is the same as solving the interactive problem n Can use interactive to solve consensus problem – Can agree to use a majority value in vector n So, can derive all solutions from a solution to the Byzantine problem – So only consider the Byzantine

11 April 2001CS-551, Lecture 960 Byzantine Solutions n All PEs must exchange messages to reach consensus – Send their own values – Relay received values – Faulty PEs will be confusing n Limit on number of faulty PEs

11 April 2001CS-551, Lecture 961 Limit on Faulty PEs n Limit: m <= floor ( (n-1) / 3 ) n Need m+1 rounds of message exchanges (at least) n E.g if n = 4, then m <= 1 – If m = 1, then each non-faulty PE gets 3 messages n It can take the majority value – The faulty PE will always be outvoted

11 April 2001CS-551, Lecture 962 Lamport – Shostak - Pease n Given n PEs and less than m faulty PEs – n >= 3m + 1 n Recursive algorithm – OM(0) – Oral Message Algorithm n Source sends its value to all other PEs n Each PE uses the value it receives for the source

11 April 2001CS-551, Lecture 963 Lamport-Shostak-Pease: Example P0P0 P2P2 P3P3 P1P1 OM(0)

11 April 2001CS-551, Lecture 964 L-S-P: Example, continued P0P0 P2P2 P3P3 P1P1 OM(1) P 2 is faulty

11 April 2001CS-551, Lecture 965 L-S-P: Example, continued P0P0 P2P2 P3P3 P1P1 OM(1) 7 7,3,7 7,2,7 7,7,7

11 April 2001CS-551, Lecture 966 L-S-P: Example, concluded P0P0 P2P2 P3P3 P1P1 OM(1) Now try an example with N=7 and M=2

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.