Presentation is loading. Please wait.

Presentation is loading. Please wait.

CS470, A.SelcukReal-Time Communication Issues1 Real-Time Communication Security IPsec & SSL Issues CS 470 Introduction to Applied Cryptography Instructor:

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "CS470, A.SelcukReal-Time Communication Issues1 Real-Time Communication Security IPsec & SSL Issues CS 470 Introduction to Applied Cryptography Instructor:"— Presentation transcript:

1 CS470, A.SelcukReal-Time Communication Issues1 Real-Time Communication Security IPsec & SSL Issues CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk

2 CS470, A.SelcukReal-Time Communication Issues2 The Internet A packet-switched network: Data to be transmitted is divided into “packets” Each packet is forwarded by “routers” towards the destination...

3 CS470, A.SelcukReal-Time Communication Issues3 Security of TCP/IP Communications The TCP/IP reference model: IP: delivery of packets to the destination TCP: reliability of the communication –ordering the packets –error detection & recovery –congestion control UDP: basic transport protocol Application Layer (HTTP, FTP, SMTP, etc.) Transport Layer (TCP, UDP) Network Layer (IP) Data Link Layer (PPP, Ethernet, etc.) Physical Layer

4 CS470, A.SelcukReal-Time Communication Issues4 Securing TCP/IP Layer 3: –can secure all IP comm., transparent to applications –must be built into the OS Layer 4: –doesn’t require OS modification; deployment easy Application L. Transport L. Network L. Data Link L. Physical L. Layer 4 (SSL/TLS) Layer 3 (IPsec)

5 CS470, A.SelcukReal-Time Communication Issues5 Real-Time Protocol Issues Interactive session security (unlike e-mail) End-to-end security (encryption/authentication) requires layer 3 or 4 (or, layer 3.5 & 4.5) protection

6 CS470, A.SelcukReal-Time Communication Issues6 IPv4 Header 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |Version| IHL |Type of Service| Total Length | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Identification |Flags| Fragment Offset | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Time to Live | Protocol | Header Checksum | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Source Address | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Destination Address | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Options | Padding | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

7 CS470, A.SelcukReal-Time Communication Issues7 TCP Header 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Source Port | Destination Port | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Sequence Number | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Acknowledgment Number | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Data | |U|A|P|R|S|F| | | Offset| Reserved |R|C|S|S|Y|I| Window | | | |G|K|H|T|N|N| | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Checksum | Urgent Pointer | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Options | Padding | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | data | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

8 CS470, A.SelcukReal-Time Communication Issues8 UDP Header 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Source Port | Destination Port | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Length | Checksum | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

9 CS470, A.SelcukReal-Time Communication Issues9 Layer 4 (SSL) Implemented on top of layer 4, between TCP & application Doesn’t require any modifications to OS (deployment made easy!)

10 CS470, A.SelcukReal-Time Communication Issues10 Layer 3 (IPsec) Implemented between IP & TCP Each IP packet authenticated separately Built in the OS Can secure all IP communication Host-to-host and network-to-network application is common; process-to-process also possible

11 CS470, A.SelcukReal-Time Communication Issues11 Session Key Establishment Message authentication with a session key is needed against connection hijacking Sequence numbers needed against packet replays (different from TCP seq.no.) Session key reset before seq.no. wraps around For freshness guarantee, both parties should contribute to the session key

12 CS470, A.SelcukReal-Time Communication Issues12 Perfect Forward Secrecy PFS: Compromise of long-term secrets doesn’t compromise session keys Example: DH with RSA authentication Non-PFS examples: –Kerberos –Session key transport with RSA encryption By-product: Escrow prevention Conversations can’t be decrypted by authorities holding copies of long-term private keys

13 CS470, A.SelcukReal-Time Communication Issues13 DoS Protection If attacker can make server do DH exponentiation by just initiating a session, DoS is made easy Protection: –cookies –puzzles

14 CS470, A.SelcukReal-Time Communication Issues14 DoS Protection – Cookie Solution Server responds to session requests with a random number (cookie). Initiator has to respond back with that cookie to continue Attacker would either –reveal its address –or, abort the attack Stateless cookies: cookie is H(IP address, secret); server doesn’t remember it.

15 CS470, A.SelcukReal-Time Communication Issues15 DoS Protection – Puzzle Solution Server requires initiator to solve a puzzle E.g., MD5(x) = …, x = ?, for an n-bit x. Solving is slow, verification fast. Can be made adaptive to increasing load. (how?) Can be made stateless. (how?) Can be used against spam as well

16 CS470, A.SelcukReal-Time Communication Issues16 Identity Hiding Hiding the parties’ identities from eavesdroppers Do DH without authentication. Then send the authentication info encrypted under the session key. Passive attacker can’t learn identities

17 CS470, A.SelcukReal-Time Communication Issues17 Live Partner Assurance Against replays, different DH exponents must be used in different sessions DH exponentiation is expensive; problem for servers, low-end clients Solution: Constant DH exponents, different nonces. Incorporate nonces into the session key. E.g., K = H(g ab mod p, nonces)

18 CS470, A.SelcukReal-Time Communication Issues18 Other Issues Session resumption: Use previously established session keys to bypass public-key authentication Deniability: Don’t use signatures for authentication. Use encryption with public keys. (e.g., the SKEME protocol) Crypto negotiations: Key exchange protocols negotiate the algorithms to be used as well

Download ppt "CS470, A.SelcukReal-Time Communication Issues1 Real-Time Communication Security IPsec & SSL Issues CS 470 Introduction to Applied Cryptography Instructor:"

Similar presentations

CS470, A.SelcukIPsec – AH & ESP1 CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.

CS470, A.SelcukIPsec – AH & ESP1 CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
TCP/IP Christopher Zacky. lolwut Decimal Numbers.

TCP/IP Christopher Zacky. lolwut Decimal Numbers.
CS470, A.SelcukCryptographic Authentication1 Cryptographic Authentication Protocols CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.

CS470, A.SelcukCryptographic Authentication1 Cryptographic Authentication Protocols CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
1 Lecture 17: SSL/TLS history, architecture basic handshake session initiation/resumption key computation negotiating cipher suites application: SET.

1 Lecture 17: SSL/TLS history, architecture basic handshake session initiation/resumption key computation negotiating cipher suites application: SET.
CS470, A.SelcukSSL/TLS & SET1 CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.

CS470, A.SelcukSSL/TLS & SET1 CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
SSL CS772 Fall 2011. Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.

SSL CS772 Fall Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.
CISCO NETWORKING ACADEMY Chabot College ELEC 99.05 Transport Layer (4)

CISCO NETWORKING ACADEMY Chabot College ELEC Transport Layer (4)
CMSC 414 Computer and Network Security Lecture 26 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 26 Jonathan Katz.
BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.

BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.
Chapter 5: TCP/IP and OSI Business Data Communications, 5e.

Chapter 5: TCP/IP and OSI Business Data Communications, 5e.
CS3505 The Internet and Info Hiway transport layer protocols : TCP/UDP.

CS3505 The Internet and Info Hiway transport layer protocols : TCP/UDP.
Web Security CS-431. HTTP Authentication Protect web content from those who don’t have a “need to know” Require users to authenticate using a userid/password.

Web Security CS-431. HTTP Authentication Protect web content from those who don’t have a “need to know” Require users to authenticate using a userid/password.
Chapter 5 Network Security Protocols in Practice Part I

Chapter 5 Network Security Protocols in Practice Part I
ECE 454/CS 594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall.

ECE 454/CS 594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall.
1 Lecture 15: IPsec AH and ESP IPsec introduction: uses and modes IPsec concepts –security association –security policy database IPsec headers –authentication.

1 Lecture 15: IPsec AH and ESP IPsec introduction: uses and modes IPsec concepts –security association –security policy database IPsec headers –authentication.
Henric Johnson1 Ola Flygt Växjö University, Sweden +46 470 70 86 49 IP Security.

Henric Johnson1 Ola Flygt Växjö University, Sweden IP Security.
Crypto – chapter 16 - noack Introduction to network stcurity Chapter 16 - Stallings.

Crypto – chapter 16 - noack Introduction to network stcurity Chapter 16 - Stallings.
IPsec – IKE CS 470 Introduction to Applied Cryptography

IPsec – IKE CS 470 Introduction to Applied Cryptography
CS470, A.SelcukIPsec Attacks1 IPsec ESP Attacks CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.

CS470, A.SelcukIPsec Attacks1 IPsec ESP Attacks CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
K. Salah 1 Chapter 31 Security in the Internet. K. Salah 2 Figure 31.5 Position of TLS Transport Layer Security (TLS) was designed to provide security.

K. Salah 1 Chapter 31 Security in the Internet. K. Salah 2 Figure 31.5 Position of TLS Transport Layer Security (TLS) was designed to provide security.

Similar presentations

Ads by Google