Network Security – Part 2 V.T. Raja, Ph.D., Oregon State University.

Slides:

Advertisements

Similar presentations

1 Key Exchange Solutions Diffie-Hellman Protocol Needham Schroeder Protocol X.509 Certification.

Advertisements

Hash Functions A hash function takes data of arbitrary size and returns a value in a fixed range. If you compute the hash of the same data at different.

CIS 725 Key Exchange Protocols. Alice ( PB Bob (M, PR Alice (hash(M))) PB Alice Confidentiality, Integrity and Authenication PR Bob M, hash(M) M, PR Alice.

Authentication and Digital Signatures CSCI 5857: Encoding and Encryption.

Session 5 Hash functions and digital signatures. Contents Hash functions – Definition – Requirements – Construction – Security – Applications 2/44.

Network Security V.T. Raja and James Coakley Oregon State University.

Network Security – Part 2 Public Key Cryptography Spring 2007 V.T. Raja, Ph.D., Oregon State University.

ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.

8-1 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents m sender encrypts message m receiver.

Symmetric Key Distribution Protocol with Hybrid Crypto Systems Tony Nguyen.

Cryptographic Technologies

Encryption An Overview. Fundamental problems Internet traffic goes through many networks and routers Many of those networks are broadcast media Sniffing.

Network Security – Part 1 Spring 2005 V.T. Raja, Ph.D., Oregon State University.

Network Security understand principles of network security:

Security Module – Part 1 Spring 2006 V.T. Raja, Ph.D., Oregon State University.

Lecture 24 Cryptography CPE 401 / 601 Computer Network Systems slides are modified from Jim Kurose and Keith Ross and Dave Hollinger.

Computer Science Public Key Management Lecture 5.

CSCI 6962: Server-side Design and Programming

Chapter 31 Network Security

Public Key Cryptography July Topics  Symmetric and Asymmetric Cryptography  Public Key Cryptography  Digital Signatures  Digital Certificates.

1 Cryptography Basics. 2 Cryptography Basic terminologies Symmetric key encryption Asymmetric key encryption Public Key Infrastructure Digital Certificates.

Lecture 19 Page 1 CS 111 Online Symmetric Cryptosystems C = E(K,P) P = D(K,C) E() and D() are not necessarily the same operations.

8-1Network Security Chapter 8 roadmap 8.1 What is network security? 8.2 Principles of cryptography 8.3 Message integrity, authentication.

Network Security – Part 2 (Continued) Lecture Notes for May 8, 2006 V.T. Raja, Ph.D., Oregon State University.

10/1/2015 9:38:06 AM1AIIS. OUTLINE Introduction Goals In Cryptography Secrete Key Cryptography Public Key Cryptograpgy Digital Signatures 2 10/1/2015.

Dr. L. Christofi1 Local & Metropolitan Area Networks ACOE322 Lecture 8 Network Security.

Cryptography, Authentication and Digital Signatures

©The McGraw-Hill Companies, Inc., 2000© Adapted for use at JMU by Mohamed Aboutabl, 2003Mohamed Aboutabl1 1 Chapter 29 Internet Security.

CSCD 218 : DATA COMMUNICATIONS AND NETWORKING 1

Computer and Internet Security. Introduction Both individuals and companies are vulnerable to data theft and hacker attacks that can compromise data,

Introduction1-1 Data Communications and Computer Networks Chapter 6 CS 3830 Lecture 31 Omar Meqdadi Department of Computer Science and Software Engineering.

23-1 Last time □ P2P □ Security ♦ Intro ♦ Principles of cryptography.

Chapter 16 Security Introduction to CS 1 st Semester, 2012 Sanghyun Park.

Internet-security.ppt-1 ( ) 2000 © Maximilian Riegel Maximilian Riegel Kommunikationsnetz Franken e.V. Internet Security Putting together the.

11-Basic Cryptography Dr. John P. Abraham Professor UTPA.

Cryptography (2) University of Palestine Eng. Wisam Zaqoot April 2010 ITSS 4201 Internet Insurance and Information Hiding.

Encryption. What is Encryption? Encryption is the process of converting plain text into cipher text, with the goal of making the text unreadable.

1 Security and Cryptography: basic aspects Ortal Arazi College of Engineering Dept. of Electrical & Computer Engineering The University of Tennessee.

Advanced Database Course (ESED5204) Eng. Hanan Alyazji University of Palestine Software Engineering Department.

Upper OSI Layers Natawut Nupairoj, Ph.D. Department of Computer Engineering Chulalongkorn University.

8-1 Chapter 8 Security Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 part 2: Message integrity.

31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.

Digital Signatures, Message Digest and Authentication Week-9.

1 Network Security Basics. 2 Network Security Foundations: r what is security? r cryptography r authentication r message integrity r key distribution.

Authentication Issues and Solutions CSCI 5857: Encoding and Encryption.

31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.

Authentication. Goal: Bob wants Alice to “prove” her identity to him Protocol ap1.0: Alice says “I am Alice” Failure scenario?? “I am Alice”

Network Security Continued. Digital Signature You want to sign a document. Three conditions. – 1. The receiver can verify the identity of the sender.

Security Matters V.T. Raja, Ph.D., Oregon State University.

Protocol Analysis. CSCE Farkas 2 Cryptographic Protocols Two or more parties Communication over insecure network Cryptography used to achieve goal.

Network Security Celia Li Computer Science and Engineering York University.

1 Cryptography Troy Latchman Byungchil Kim. 2 Fundamentals We know that the medium we use to transmit data is insecure, e.g. can be sniffed. We know that.

Lecture 9 Overview. Digital Signature Properties CS 450/650 Lecture 9: Digital Signatures 2 Unforgeable: Only the signer can produce his/her signature.

Cryptographic Security Aveek Chakraborty CS5204 – Operating Systems1.

Secure Instant Messenger in Android Name: Shamik Roy Chowdhury.

8-1 Chapter 8 Security Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 A note on the use of these.

Digital Signatures Cryptographic technique analogous to hand-written signatures. sender (Bob) digitally signs document, establishing he is document owner/creator.

Computer Communication & Networks

Chapter 7 Network Security

Digital Signatures Cryptographic technique analogous to hand-written signatures. sender (Bob) digitally signs document, establishing he is document owner/creator.

Protocol ap1.0: Alice says “I am Alice”

Protocol ap1.0: Alice says “I am Alice”

Digital Signatures Cryptographic technique analogous to hand-written signatures. sender (Bob) digitally signs document, establishing he is document owner/creator.

Digital Signatures Cryptographic technique analogous to hand-written signatures. sender (Bob) digitally signs document, establishing he is document owner/creator.

Digital Signatures Cryptographic technique analogous to hand-written signatures. sender (Bob) digitally signs document, establishing he is document owner/creator.

Security: Integrity, Authentication, Non-repudiation

Digital Signatures Cryptographic technique analogous to hand-written signatures. sender (Bob) digitally signs document, establishing he is document owner/creator.

Chapter 8 roadmap 8.1 What is network security?

Presentation transcript:

Network Security – Part 2 V.T. Raja, Ph.D., Oregon State University

BA483: Network Security Part 2 - Outline Public Key Cryptography Public keys and Private keys RSA Algorithm Authentication Authentication Protocol (ap) –ap 1.0, 2.0, 3.0, 3.1, 4.0, 5.0 Exchanging Public Keys Man (Woman) in the middle-attack

Introduction - Public Key Cryptography Disadvantage of symmetric key cryptography? –Agreeing upon a shared symmetric key in a secure manner Until 1970s encryption involved symmetric key Is it possible for two parties to communicate using encryption/decryption without using a shared secret key? –Yes. Using public key cryptography A radically different and marvelously elegant approach towards encryption/decryption Public key cryptography is useful not only for encryption/decryption, but also for authentication and digital signatures as well.

Basic Idea of Public Key Cryptography Each participant has a private key (known only to the participant) and a public key. The public key is created with one’s private key. Public key is made available to others and could be posted even on a website which is accessible by the rest of the world. Public key of recipient is used by sender to encrypt message. Recipient decrypts message using recipient’s private key.

Example: Using Public Key Cryptography Example: –Alice wishes to send a message to Bob. –Alice fetches Bob’s public key. –Alice uses Bob’s public key to encrypt message –Alice sends encrypted message to Bob. –Bob decrypts cipher text with Bob’s private key.

Notation and Choice of Keys Assume Alice’s plain text message, (which has to be encrypted and then sent to Bob) is denoted as m. Assume Bob’s public key is denoted as K B + and his private key is denoted as K B -. These keys are chosen such that: K B - (K B + (m)) = K B + (K B - (m)) = m

RSA Algorithm How does RSA work? Class Participation Exercise on RSA application Why does RSA work? (See MS Word handout for answers to above questions)

RSA Algorithm Even for small p and q, as seen in the participation exercise, we had to deal with extremely large numbers. If we follow the suggestion of RSA labs and select p and q to be several hundred bits long, then the following practical issues come to mind: –How to choose large prime numbers p and q? –How to choose e and d? –How to perform exponentiation with large numbers?

RSA and DES/AES DES is at least 100 times faster than RSA. In practice, RSA is often used in combination with DES or AES. How? –Alice encrypts DES key with Bob’s public key –Bob decrypts and obtains DES key with his private key –Data is encrypted using DES key, (which now both Alice and Bob have access to in order to encrypt/decrypt data).

Security of RSA The security of RSA relies on the fact that there are no known algorithms for quickly factoring a number (n), into the primes p and q. If one knew p and q, then given e, one could then easily compute the secret key d. It is not known whether or not there exist fast algorithms for factoring a number, and in this sense the security of RSA is not guaranteed.

Authentication ap 1.0 –Alice announces to Bob, “I am Alice.” Trudy could have sent this message. ap 2.0 –Alice announces to Bob, “I am Alice”, and asks Bob to authenticate her by matching source IP (in IP header) with Alice’s IP. Trudy could have sent this message if she had done IP spoofing.

Authentication ap 3.0 –Alice announces to Bob, “I am Alice”, and asks Bob to authenticate her by verifying her plaintext password. Trudy may have already eavesdropped earlier, and have stolen Alice’s plaintext password during an earlier conversation between Alice and Bob. Now, Trudy could send the message, “I am Alice” by using Alice’s plaintext password. ap 3.1 –Alice announces to Bob, “I am Alice”, and asks Bob to authenticate her by verifying her encrypted password, which is kept the same for different communication sessions between Bob and Alice. Same disadvantage mentioned in ap 3.0 still exists. Note that Trudy need not decrypt the password. She could still eavesdrop, steal encrypted password, and then perform a “playback attack” on Bob.

Authentication ap 4.0 –Alice announces to Bob, “I am Alice.” –Bob sends a plaintext nonce (= r) to Alice. Note that nonce is a one time value that is specific to that communication session. It is not repeated again in another session. So “playback attack” is not possible. –Alice resends same nonce back to Bob but this time nonce is encrypted with symmetric key used by Alice and Bob. –Bob decrypts nonce using symmetric key. If decrypted nonce equals the nonce he sent Alice earlier (i.e. decrypted nonce = r), then Alice is authenticated. –However, this implies that Alice and Bob must have decided upon and exchanged their symmetric key.

Authentication ap 5.0 –Alice announces to Bob, “I am Alice.” –Bob sends a plaintext nonce (= r) to Alice. Since nonce is a one-time value, “playback attack” is not possible. –Alice resends same nonce back to Bob but this time nonce is encrypted with Alice’s private key. –Bob decrypts nonce using Alice’s public key. If decrypted nonce equals the nonce he sent Alice earlier (i.e. decrypted nonce = r), then Alice is authenticated.

Exchanging Public Keys Why should public key be publicly available? Wouldn’t it be better for Alice and Bob to exchange their respective public keys via , after authenticating each other? –Due to possibility of “man (woman) in the middle attack.”

Man (Woman) in the Middle Attack Alice transmits, “I am Alice.” Trudy (alias Eve) eavesdrops. Bob sends a nonce = r. Trudy intercepts nonce, and sends Bob encrypted nonce (encrypted using her private key). Bob sends a message to Alice asking her for a public key. Trudy intercepts message, and sends Bob Trudy’s public key. Bob decrypts nonce with Trudy’s public key (thinking that he is using Alice’s public key), and inadvertently authenticates Trudy. While Bob is encrypting new data using Trudy’s public key, Trudy is busy posing as Bob to Alice. In particular, –Trudy transmits Bob’s nonce to Alice –Alice transmits encrypted nonce (encrypted using Alice’s private key). –Trudy intercepts encrypted nonce, and asks Alice for her public key. –Alice sends her public key

Man (Woman) in the Middle Attack Bob sends encrypted data (encrypted using Trudy’s public key) Trudy decrypts using her private key, and finds out Bob’s plain text. Trudy encrypts Bob’s plain text using Alice’s public key. Trudy transmits encrypted text to Alice. Alice decrypts using her private key, and finds out Bob’s plain text. Alice and Bob are happy that they have had a secure communication. They are ignorant of the fact that Trudy has intercepted and decrypted Bob’s message to Alice.

Public Key Certification PK cryptography – possible for two entities to exchange secret messages without having to exchange secret keys. Communicating entities have to exchange public keys (without being subject to “man in the middle attack”). Binding a public key to a particular entity is typically done by a Certification Authority (CA).

Certification Authority A CA verifies that an entity is who it claims to be. After verification, CA creates a certificate that binds the public key of the entity to the identity. Certificate – includes a public key – includes globally unique identifying information about owner of the public key –Is digitally signed by CA (Internet Explorer – Tools, Internet Options, Content, Certificates)

Digital Signatures and Message Digests Assume Bob wants to digitally sign a “document,” m. Bob’s digital signature could be K B - (m) Due to complexity of RSA, digital signatures are applied to “fingerprints” instead of being applied to message m. Fingerprint – H(m) – where H denotes a “hash algorithm” Bob’s digital signature is K B - (H(m))

Message Digests Message Digest (Hash) algorithms: –MD5; SHA-1; SHA-224;-256;-384;-512 Secure Hash Algorithm is a U.S. federal standard Required for use whenever a secure message digest algorithm is required for federal applications Produces a 160-bit message digest. Longer the output length, the more secure SHA-1 SHA-224, SHA-256, SHA-384, and SHA-512, which despite the similarity of names, are actually fairly different algorithms to SHA-1 and have much wider safety margins.