Presentation is loading. Please wait.

Presentation is loading. Please wait.

COS 461 Fall 1997 Todays Lecture u intro to security in networking –confidentiality –integrity –authentication –authorization u orientation for assignment.

Published byJanae Tole Modified over 10 years ago

Similar presentations

Presentation on theme: "COS 461 Fall 1997 Todays Lecture u intro to security in networking –confidentiality –integrity –authentication –authorization u orientation for assignment."— Presentation transcript:

1 COS 461 Fall 1997 Todays Lecture u intro to security in networking –confidentiality –integrity –authentication –authorization u orientation for assignment 3

2 COS 461 Fall 1997 Security Goals u confidentiality: Who can read this data? u integrity: Who can modify this data? u authentication: Who am I talking to? u authorization: Is this person allowed to do this operation?

3 COS 461 Fall 1997 Network Security Challenges u on the net, often communicate indirectly, through intermediaries –intermediaries can eavesdrop or corrupt messages u interact with unlimited number of parties u frequent interactions with untrusted people

4 COS 461 Fall 1997 Private Communication encrypt key decrypt key ciphertext plaintext Practical issues: - security of end systems - how to establish a shared secret key

5 COS 461 Fall 1997 In Assignment 3... u use AcmeNet.Util.AcmeCipher cipher –constructor »cipher = new AcmeCipher(long key); –to encrypt a byte »ciphertext = cipher.crypt(plaintext); »same to decrypt –64-bit (Java long) key

6 COS 461 Fall 1997 Key Establishment u use armed courier –slow and expensive u use face-to-face meeting –doesnt scale u use cryptographic tricks –good: no face-to-face meeting required –bad: hard to get right

7 COS 461 Fall 1997 Diffie-Hellman Algorithm u the big picture –two strangers have a public conversation –result is a secret shared between them –eavesdroppers cant learn the secret u patented; patent expired in September u relies on difficulty of finding discrete log –assume g and p are chosen cleverly –given g x mod p, very hard to determine x

8 COS 461 Fall 1997 Diffie-Hellman in Action AliceBob generate random Agenerate random B M a = g A mod pM b = g B mod p MaMa MbMb compute K = M b A mod p = g BA mod p compute K = M a B mod p = g AB mod p agree on g and p

9 COS 461 Fall 1997 But Wait... Alice Dr. EvilBob MaMa EaEa MbMb EbEb encrypted data

10 COS 461 Fall 1997 Whats Going On? u Diffie-Hellman gives you a private connection to somebody u but you dont know who is at the other end u need to take separate steps to prevent man- in-the-middle attack –digitally sign Diffie-Hellman messages, or –do separate authentication phase later

11 COS 461 Fall 1997 In Assignment 3... u AcmeNet.Util.DiffieHellman class implements the math –built-in choice of g, p –to do an exchange »make a new DiffieHellman object »read its gx field and send it across »get arriving message and pass it to the gotMessage method of your Diffie-Hellman object »use the key field of the Diffie-Hellman object

12 COS 461 Fall 1997 In Assignment 3... u PrivateConnection class extends Connection, adding privacy –start with an ordinary Connection –do a Diffie-Hellman exchange on the connection to generate a private key –encrypt subsequent data on the connection with the DH-generated key –no guarantees about who is on the other end

13 COS 461 Fall 1997 Authentication u How can we protect against impersonation? u two approaches –digital signatures (and similar schemes) –trusted third party u usual approach: claim identity, then prove it u sometimes, authenticate and exchange keys in a single protocol

14 COS 461 Fall 1997 Digital Signatures u everybody has two keys –a private key for signing –a public key for verifying signatures u need a secure way to find the keys of others –trusted certification authority signs key certificates, or –letter of introduction approach

15 COS 461 Fall 1997 Using Signatures (First Try) u challenge/response protocol u how Alice proves her identity to Bob –Bob sends a random challenge to Alice –Alice signs the challenge and sends it back –Bob verifies the signature u prone to man-in-the-middle attack

16 COS 461 Fall 1997 Signatures and Diffie-Hellman u after D-H exchange, each side concatenates the message it sent and the message it received, and signs the pair u verify the other sides signature u nice synergy –message sent by D-H acts as a challenge –signatures protect D-H from man-in-the-middle

17 COS 461 Fall 1997 Trusted Third Party Auth. u Alice and Bob have a three-way conversation with a third party (Trent) u result is a key that only Alice and Bob know u no need for signatures or public-key crypto u Trent must be completely trustworthy or all is lost u each party must share a key with Trent

18 COS 461 Fall 1997 Needham-Schroeder Protocol u steps –Alice and Bob state their identities »they could be lying! –Alice sends to Trent (Alice, Bob, na) –Trent generates a key K, creates a ticket (Alice, K) and encrypts it with Bobs key –Trent sends to Alice (na, Bob, K, encrypted- ticket), all encrypted with Alices key –Alice sends the encrypted ticket to Bob

19 COS 461 Fall 1997 Needham-Schroeder u in the end, either –Both parties are telling the truth about their identities, and both know the key K, or –at least one party is lying, and the liar doesnt know K u do a challenge-response handshake to verify knowledge of K in both directions u if handshake works, use K to encrypt data

20 COS 461 Fall 1997 Key Verification Handshake u steps –set up encryption using the new key K »actually, use K in one direction, K+1 in the other –send a random challenge to the other side –receive the other sides challenge, and add one to it; send the result back –verify the other sides response

21 COS 461 Fall 1997 In Assignment 3... u use a modified version of Needham- Schroeder protocol –set up PrivateConnection –do key-exchange/auth protocol –switch to newly generated shared key u trusted AuthenticationService lives at a well-known location –talk to AuthService via PrivateConnection

22 COS 461 Fall 1997 In Assignment 3... u each student has his/her own identity –String identity equal to Unix userid u each student shares a key with the AuthService –64-bit value –think of it as a password –stored in protected file accessible to AuthService

23 COS 461 Fall 1997 Generating Your Key u can use AcmeNet.Util.Login to translate a String or byte-array into a Java long –can use text passphrase rather than a number u email exchange to set up keys u please dont –use a serious secret as your key –use an easily guessable key –use the Assn 3 algorithms for high security applications

24 COS 461 Fall 1997 More About Security u public-key cryptography u key management issues u tamper-proof devices u authorization u logging, auditing and post-mortem repair u intrusion detection u policy creation and enforcement u etc.

Download ppt "COS 461 Fall 1997 Todays Lecture u intro to security in networking –confidentiality –integrity –authentication –authorization u orientation for assignment."

Similar presentations

Chapter 3 Public Key Cryptography and Message authentication.

Chapter 3 Public Key Cryptography and Message authentication.
The Diffie-Hellman Algorithm

The Diffie-Hellman Algorithm
Public Key Cryptography Nick Feamster CS 6262 Spring 2009.

Public Key Cryptography Nick Feamster CS 6262 Spring 2009.
1 Key Exchange Solutions Diffie-Hellman Protocol Needham Schroeder Protocol X.509 Certification.

1 Key Exchange Solutions Diffie-Hellman Protocol Needham Schroeder Protocol X.509 Certification.
Chapter 10 Real world security protocols

Chapter 10 Real world security protocols
Key Management. Shared Key Exchange Problem How do Alice and Bob exchange a shared secret? Offline – Doesnt scale Using public key cryptography (possible)

Key Management. Shared Key Exchange Problem How do Alice and Bob exchange a shared secret? Offline – Doesnt scale Using public key cryptography (possible)
ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.

ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.
Last Class: The Problem BobAlice Eve Private Message Eavesdropping.

Last Class: The Problem BobAlice Eve Private Message Eavesdropping.
CIS 725 Key Exchange Protocols. Alice ( PB Bob (M, PR Alice (hash(M))) PB Alice Confidentiality, Integrity and Authenication PR Bob M, hash(M) M, PR Alice.

CIS 725 Key Exchange Protocols. Alice ( PB Bob (M, PR Alice (hash(M))) PB Alice Confidentiality, Integrity and Authenication PR Bob M, hash(M) M, PR Alice.
CS470, A.SelcukCryptographic Authentication1 Cryptographic Authentication Protocols CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.

CS470, A.SelcukCryptographic Authentication1 Cryptographic Authentication Protocols CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York.

Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York.
1 Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell.

1 Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell.
15-1 Last time Internet Application Security and Privacy Public-key encryption Integrity.

15-1 Last time Internet Application Security and Privacy Public-key encryption Integrity.
Public Key Algorithms …….. RAIT M. Chatterjee.

Public Key Algorithms …….. RAIT M. Chatterjee.
CS555Spring 2012/Topic 161 Cryptography CS 555 Topic 16: Key Management and The Need for Public Key Cryptography.

CS555Spring 2012/Topic 161 Cryptography CS 555 Topic 16: Key Management and The Need for Public Key Cryptography.
Network Security – Part 2 Public Key Cryptography Spring 2007 V.T. Raja, Ph.D., Oregon State University.

Network Security – Part 2 Public Key Cryptography Spring 2007 V.T. Raja, Ph.D., Oregon State University.
Attacks on Digital Signature Algorithm: RSA

Attacks on Digital Signature Algorithm: RSA
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.

BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.
Cryptography1 CPSC 3730 Cryptography Chapter 10 Key Management.

Cryptography1 CPSC 3730 Cryptography Chapter 10 Key Management.
8-1 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents m sender encrypts message m receiver.

8-1 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents m sender encrypts message m receiver.

Similar presentations

Ads by Google