Presentation is loading. Please wait.

Presentation is loading. Please wait.

Network Security – Part 2 (Continued) Lecture Notes for May 8, 2006 V.T. Raja, Ph.D., Oregon State University.

Published byEaster Fields Modified over 8 years ago

Similar presentations

Presentation on theme: "Network Security – Part 2 (Continued) Lecture Notes for May 8, 2006 V.T. Raja, Ph.D., Oregon State University."— Presentation transcript:

1 Network Security – Part 2 (Continued) Lecture Notes for May 8, 2006 V.T. Raja, Ph.D., Oregon State University

2 BA483: Network Security Lecture Notes for May 8, 2006 Authentication Authentication Protocol (ap) –ap 1.0, 2.0, 3.0, 3.1, 4.0, 5.0 Exchanging Public Keys Man (Woman) in the middle-attack

3 Authentication ap 1.0 –Alice announces to Bob, “I am Alice.” Trudy could have sent this message. ap 2.0 –Alice announces to Bob, “I am Alice”, and asks Bob to authenticate her by matching source IP (in IP header) with Alice’s IP. Trudy could have sent this message if she had done IP spoofing.

4 Authentication ap 3.0 –Alice announces to Bob, “I am Alice”, and asks Bob to authenticate her by verifying her plaintext password. Trudy may have already eavesdropped earlier, and have stolen Alice’s plaintext password during an earlier conversation between Alice and Bob. Now, Trudy could send the message, “I am Alice” by using Alice’s plaintext password. ap 3.1 –Alice announces to Bob, “I am Alice”, and asks Bob to authenticate her by verifying her encrypted password, which is kept the same for different communication sessions between Bob and Alice. Same disadvantage mentioned in ap 3.0 still exists. Note that Trudy need not decrypt the password. She could still eavesdrop, steal encrypted password, and then perform a “playback attack” on Bob.

5 Authentication ap 4.0 –Alice announces to Bob, “I am Alice.” –Bob sends a plaintext nonce (= r) to Alice. Note that nonce is a one time value that is specific to that communication session. It is not repeated again in another session. So “playback attack” is not possible. –Alice resends same nonce back to Bob but this time nonce is encrypted with symmetric key used by Alice and Bob. –Bob decrypts nonce using symmetric key. If decrypted nonce equals the nonce he sent Alice earlier (i.e. decrypted nonce = r), then Alice is authenticated. –However, this implies that Alice and Bob must have decided upon and exchanged their symmetric key.

6 Authentication ap 5.0 –Alice announces to Bob, “I am Alice.” –Bob sends a plaintext nonce (= r) to Alice. Since nonce is a one-time value, “playback attack” is not possible. –Alice resends same nonce back to Bob but this time nonce is encrypted with Alice’s private key. –Bob decrypts nonce using Alice’s public key. If decrypted nonce equals the nonce he sent Alice earlier (i.e. decrypted nonce = r), then Alice is authenticated.

7 Exchanging Public Keys Why should public key be publicly available? Wouldn’t it be better for Alice and Bob to exchange their respective public keys via e-mail, after authenticating each other? –Due to possibility of “man (woman) in the middle attack.”

8 Man (Woman) in the Middle Attack Alice transmits, “I am Alice.” Trudy (alias Eve) eavesdrops. Bob sends a nonce = r. Trudy intercepts nonce, and sends Bob encrypted nonce (encrypted using her private key). Bob sends a message to Alice asking her for a public key. Trudy intercepts message, and sends Bob Trudy’s public key. Bob decrypts nonce with Trudy’s public key (thinking that he is using Alice’s public key), and inadvertently authenticates Trudy. While Bob is encrypting new data using Trudy’s public key, Trudy is busy posing as Bob to Alice. In particular, –Trudy transmits Bob’s nonce to Alice –Alice transmits encrypted nonce (encrypted using Alice’s private key). –Trudy intercepts encrypted nonce, and asks Alice for her public key. –Alice sends her public key

9 Man (Woman) in the Middle Attack Bob sends encrypted data (encrypted using Trudy’s public key) Trudy decrypts using her private key, and finds out Bob’s plain text. Trudy encrypts Bob’s plain text using Alice’s public key. Trudy transmits encrypted text to Alice. Alice decrypts using her private key, and finds out Bob’s plain text. Alice and Bob are happy that they have had a secure communication. They are ignorant of the fact that Trudy has intercepted and decrypted Bob’s message to Alice.

10 Public Key Certification PK cryptography – possible for two entities to exchange secret messages without having to exchange secret keys. Communicating entities have to exchange public keys (without being subject to “man in the middle attack”). Binding a public key to a particular entity is typically done by a Certification Authority (CA).

11 Certification Authority A CA verifies that an entity is who it claims to be. After verification, CA creates a certificate that binds the public key of the entity to the identity. Certificate – includes a public key – includes globally unique identifying information about owner of the public key –Is digitally signed by CA (Internet Explorer – Tools, Internet Options, Content, Certificates)

12 Digital Signatures and Message Digests Assume Bob wants to digitally sign a “document,” m. Bob’s digital signature could be K B - (m) Due to complexity of RSA, digital signatures are applied to “fingerprints” instead of being applied to message m. Fingerprint – H(m) – where H denotes a “hash algorithm” Bob’s digital signature is K B - (H(m))

13 Message Digests Message Digest (Hash) algorithms: –MD5; SHA-1; SHA-224;-256;-384;-512 Secure Hash Algorithm is a U.S. federal standard Required for use whenever a secure message digest algorithm is required for federal applications Produces a 160-bit message digest. Longer the output length, the more secure SHA-1 SHA-224, SHA-256, SHA-384, and SHA-512, which despite the similarity of names, are actually fairly different algorithms to SHA-1 and have much wider safety margins.

Download ppt "Network Security – Part 2 (Continued) Lecture Notes for May 8, 2006 V.T. Raja, Ph.D., Oregon State University."

Similar presentations

1 Key Exchange Solutions Diffie-Hellman Protocol Needham Schroeder Protocol X.509 Certification.

1 Key Exchange Solutions Diffie-Hellman Protocol Needham Schroeder Protocol X.509 Certification.
Hash Functions A hash function takes data of arbitrary size and returns a value in a fixed range. If you compute the hash of the same data at different.

Hash Functions A hash function takes data of arbitrary size and returns a value in a fixed range. If you compute the hash of the same data at different.
CIS 725 Key Exchange Protocols. Alice ( PB Bob (M, PR Alice (hash(M))) PB Alice Confidentiality, Integrity and Authenication PR Bob M, hash(M) M, PR Alice.

CIS 725 Key Exchange Protocols. Alice ( PB Bob (M, PR Alice (hash(M))) PB Alice Confidentiality, Integrity and Authenication PR Bob M, hash(M) M, PR Alice.
Authentication and Digital Signatures CSCI 5857: Encoding and Encryption.

Authentication and Digital Signatures CSCI 5857: Encoding and Encryption.
Session 5 Hash functions and digital signatures. Contents Hash functions – Definition – Requirements – Construction – Security – Applications 2/44.

Session 5 Hash functions and digital signatures. Contents Hash functions – Definition – Requirements – Construction – Security – Applications 2/44.
Network Security V.T. Raja and James Coakley Oregon State University.

Network Security V.T. Raja and James Coakley Oregon State University.
Network Security – Part 2 Public Key Cryptography Spring 2007 V.T. Raja, Ph.D., Oregon State University.

Network Security – Part 2 Public Key Cryptography Spring 2007 V.T. Raja, Ph.D., Oregon State University.
8-1 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents m sender encrypts message m receiver.

8-1 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents m sender encrypts message m receiver.
Symmetric Key Distribution Protocol with Hybrid Crypto Systems Tony Nguyen.

Symmetric Key Distribution Protocol with Hybrid Crypto Systems Tony Nguyen.
1 ITC242 – Introduction to Data Communications Week 11 Topic 17 Chapter 18 Network Security.

1 ITC242 – Introduction to Data Communications Week 11 Topic 17 Chapter 18 Network Security.
McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 Chapter 30 Message Security, User Authentication, and Key Management.

McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 Chapter 30 Message Security, User Authentication, and Key Management.
Network Security understand principles of network security:

Network Security understand principles of network security:
Security Module – Part 1 Spring 2006 V.T. Raja, Ph.D., Oregon State University.

Security Module – Part 1 Spring 2006 V.T. Raja, Ph.D., Oregon State University.
Introduction to Public Key Infrastructure (PKI) Office of Information Security The University of Texas at Brownsville & Texas Southmost College.

Introduction to Public Key Infrastructure (PKI) Office of Information Security The University of Texas at Brownsville & Texas Southmost College.
Network Security – Part 2 V.T. Raja, Ph.D., Oregon State University.

Network Security – Part 2 V.T. Raja, Ph.D., Oregon State University.
Lecture 24 Cryptography CPE 401 / 601 Computer Network Systems slides are modified from Jim Kurose and Keith Ross and Dave Hollinger.

Lecture 24 Cryptography CPE 401 / 601 Computer Network Systems slides are modified from Jim Kurose and Keith Ross and Dave Hollinger.
Security Management.

Security Management.
Overview of Digital Signatures Introduction To Networks and Communications (CS 555) Presented by Bharath Kongara.

Overview of Digital Signatures Introduction To Networks and Communications (CS 555) Presented by Bharath Kongara.
Computer Science Public Key Management Lecture 5.

Computer Science Public Key Management Lecture 5.
Chapter 31 Network Security

Chapter 31 Network Security

Similar presentations

Ads by Google