1. Computer Security: Principles and Practice First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Chapter 21 – Internet Security Protocols and Standards

2. Objectives The student should be able to  Define VPN.  Describe the advantages of link versus end-to-end encryption.  Define the protection provided by SSL/TLS, IPsec.  Show where the following protocols exist in the protocol stack, and describe which applications they can be used with: SSL/TLS, IPSec, S-MIME.  Show a diagram of what happens to a packet during Tunnel versus Transport mode in IPSEC.

3. Internet Security Protocols and Standards  Secure Sockets Layer (SSL) / Transport Layer Security (TLS)  IPv4 and IPv6 Security  S/MIME (Secure/Multipurpose Internet Mail Extension)

4. VPNs Virtual Private Network (VPN): A means of carrying private traffic over a public network  Uses link encryption to give users sense that they are operating on a private network when they are actually transmitting over a public network  Communications pass through an encrypted tunnel Intranet VPN: Connects two or more private networks within the same company Extranet VPN: Connects two or more private networks between different companies  E.g., B2B or business-to-business communication. Remote Access VPN: A roaming user has access to a private network via wireless, hotel room, etc.

5. Encryption Types End-to-End Encryption Link Encryption Router SourceDestination

6. Importance of Encryption Location: MAC TCP IP LLC MAC Physical APL IC TCP IP LLC MAC Physical APL IC IP LLC MAC Physical LLC MAC Physical WirelessWired MACLLCIPTCPApp - DataCRC

7. Importance of Encryption Location: IP TCP IPSEC/ IP LLC MAC Physical APL IC TCP IP LLC MAC Physical APL IC IPSEC/ IP LLC MAC Physical LLC MAC Physical VPN Router/Firewall may unencrypt MACLLCIPTCPApp - DataCRC

8. Importance of Encryption Location: App. TCP IP LLC MAC Physical APL IC TCP IP LLC MAC Physical APL IC IP LLC MAC Physical LLC MAC Physical HTTPS HTTP MACLLCIPTCPApp - DataCRC

9. Link versus End-to-End Encryption Use when LINK is vulnerable: Packet sniffers & eavesdroppers Use when Intermediate nodes may be compromised Link-Specific: All packets transmitted on the single link are encrypted Connection-Specific: A connection is encrypted across all its links Encrypted for all protocol layers (at or above encryption layer) Encrypted for upper layer protocols only Intermediate nodes decryptIntermediate nodes cannot decrypt Provides node authenticationProvides user authentication Transparent to user: One key per linkNot user-transparent: One key per connection One algorithm for all usersUser selects encryption algorithm Encryption done in hardwareEncryption done in hardware or software Virtual Private Network (VPN) IP Security (IPsec) Secure Shell (SSH) Secure Socket Layer (SSL)

10. Encryption Protocols HTTPFTPSMTP TCP or UDP IPSec IP HTTP SSL or TLS TCP IP HTTPSVPN

11. Secure Sockets Layer (SSL)  transport layer security service originally developed by Netscape originally developed by Netscape version 3 designed with public input version 3 designed with public input  subsequently became Internet standard RFC2246: Transport Layer Security (TLS)  use TCP to provide a reliable end- to-end service  may be provided in underlying protocol suite  or embedded in specific packages SSL + HTTP used together = HTTPS SSL + HTTP used together = HTTPS HTTP SSL or TLS TCP IP

12. SSL Record Protocol Services  message integrity using a MAC with shared secret key using a MAC with shared secret key similar to HMAC but with different padding similar to HMAC but with different padding  confidentiality using symmetric encryption with a shared secret key defined by Handshake Protocol using symmetric encryption with a shared secret key defined by Handshake Protocol AES, IDEA, RC2-40, DES-40, DES, 3DES, Fortezza, RC4-40, RC4-128 AES, IDEA, RC2-40, DES-40, DES, 3DES, Fortezza, RC4-40, RC4-128 message is compressed before encryption message is compressed before encryption

13. SSL Record Protocol Operation

14. SSL Handshake Protocol First 3 phases: Handshake Protocol Phase 4: Change Cipher Spec

15. Public Key Infrastructure (PKI) Digital Certificate User: Sue Public Key: 2456 1. Sue registers with CA through RA Certificate Authority (CA) Register(Owner, Public Key) 2. Registration Authority (RA) verifies owners 3. Send approved Digital Certificates 5. Tom requests Sue’s DC  6. CA sends Sue’s DC  Sue Tom 4. Sue sends Tom message signed with Digital Signature 7. Tom confirms Sue’s DS

16. IPSec  general IP Security mechanisms  provides authentication authentication confidentiality confidentiality key management key management  applicable to use over LANs, across public & private WANs, & for the Internet

17. IPSec Uses

18. Tunnel vs. Transport Mode Host A Host D Encrypted: Transport Mode: End-to-End Encryption Tunnel Mode: Encryption between two gateways: Virtual Private Network (A form of link encryption) Gtwy B Gtwy C Internet Host A Host D Gtwy B Gtwy C Internet IP=C | ESP | IP=D | Data IP=D | ESP | Data IP=D | Data IP=D | ESP | Data

19. Benefits of IPSec  in a firewall/router provides strong security to all traffic crossing the perimeter  in a firewall/router is resistant to bypass  is below transport layer, hence transparent to applications  can be transparent to end users  can provide security for individual users  secures routing architecture

20. IP Security Architecture  mandatory in IPv6, optional in IPv4  have two security header extensions: Authentication Header (AH) Authentication Header (AH) Encapsulating Security Payload (ESP) Encapsulating Security Payload (ESP) Key Exchange function Key Exchange function  VPNs want both authentication/encryption hence usually use ESP hence usually use ESP  specification is quite complex numerous RFC’s 2401/2402/2406/2408 numerous RFC’s 2401/2402/2406/2408

21. Two Modes (From Network Security Essentials 2 nd Ed., W. Stallings, Prentice Hall) Authentication Header (AH) Encapsulated Security Payload (ESP encryption & authentication) Access control XX Connectionless integrity XX (AH opt.) Data Origin Authentication XX (AH opt.) Rejection of Replayed Packets XX Confidentiality X Limited Traffic Flow Confidentiality X

22. Authentication Header (AH)  provides support for data integrity & authentication of IP packets end system/router can authenticate user/app end system/router can authenticate user/app prevents address spoofing attacks by tracking sequence numbers prevents address spoofing attacks by tracking sequence numbers  based on use of a MAC HMAC-MD5-96 or HMAC-SHA-1-96 HMAC-MD5-96 or HMAC-SHA-1-96  parties must share a secret key

23. Authentication Header SPI = Security Association # Authentication Data = Message Authentication Code

24. Encapsulating Security Payload (ESP)

25. S/MIME (Secure/Multipurpose Internet Mail Extensions)  security enhancement to MIME email original Internet RFC822 email was text only original Internet RFC822 email was text only MIME provided support for varying content types and multi-part messages MIME provided support for varying content types and multi-part messages with encoding of binary data to textual form with encoding of binary data to textual form S/MIME added security enhancements S/MIME added security enhancements  have S/MIME support in many mail agents eg MS Outlook, Mozilla, Mac Mail etc eg MS Outlook, Mozilla, Mac Mail etc

26. S/MIME Process

27. S/MIME Cryptographic Algorithms  digital signatures: DSS & RSA  hash functions: SHA-1 & MD5  session key encryption: ElGamal & RSA  message encryption: AES, 3DES, etc  MAC: HMAC with SHA-1  must map binary values to printable ASCII use radix-64 or base64 mapping use radix-64 or base64 mapping

28. S/MIME Public Key Certificates  S/MIME has effective encryption and signature services  but also need to manage public-keys  S/MIME uses X.509 v3 certificates  each client has a list of trusted CA’s certs  and own public/private key pairs & certs  certificates must be signed by trusted CA’s

29. Summary  Secure Sockets Layer (SSL) / Transport Layer Security (TLS)  IPsec: IPv4 and IPv6 Security  S/MIME (Secure/Multipurpose Internet Mail Extension)