CSCI-E46: Applied Network Security. Class 1: Introduction Cryptography Primer 1/26/16 CSCI-E46: APPLIED NETWORK SECURITY, SPRING

Transcription

1 CSCI-E46: Applied Network Security Class 1: Introduction Cryptography Primer 1/26/16 CSCI-E46: APPLIED NETWORK SECURITY, SPRING

2 Welcome to CSCI-E46 Classroom & Schedule 53 Church Street L01 Wednesdays, 5:30pm-7:30pm Office Hours Before/after class or by appointment TA Session On-line, scheduling TBD 1/26/16 CSCI-E46: APPLIED NETWORK SECURITY, SPRING

3 Welcome to CSCI-E46 Expectations Familiarity with Linux/UNIX CLI and Windows GUI Understanding of networking topics by way of Successful completion of CSCI-E45[ab] or permission of instructor Objectives Provide a solid overview of the concepts, threats, and controls inherent to network security Keep topics interesting through use of in-class lecture, demonstration, and lab work 1/26/16 CSCI-E46: APPLIED NETWORK SECURITY, SPRING

4 Readings Course Text Computer Security: Principles and Practice, 3 rd Edition, William Stallings Safari Books Online Additional readings listed in module on Canvas 1/26/16 CSCI-E46: APPLIED NETWORK SECURITY, SPRING

5 Canvas All course material and grading will be posted to the course site Each Week readings will be available at midnight on Thursday slides will be posted prior to lecture live video of the lecture available for streaming recorded video posted for review 1-2 days after lecture Discussion forums available for questions and collaborating with your classmates 1/26/16 CSCI-E46: APPLIED NETWORK SECURITY, SPRING

6 Class Participation Wednesdays, 53 Church Street L01 Timely discussion topics to open each lecture Questions and discussion throughout lecture encouraged! Be courteous, silence your phones and take calls outside ~10 minute break at half-way point On-campus and remote students Attendance and in-class participation not graded! 1/26/16 CSCI-E46: APPLIED NETWORK SECURITY, SPRING

7 Tasks/Assignments Tasks Assigned most lecture weeks (10 total) Majority of class participation score Assignments 3 assignments, 1 quiz 20% of final grade 1/26/16 CSCI-E46: APPLIED NETWORK SECURITY, SPRING

8 Labs 5 labs Environments Local (your laptop/desktop) Amazon Web Services (AWS) Resources VirtualBox AWS Educate 1/26/16 CSCI-E46: APPLIED NETWORK SECURITY, SPRING

9 Exams Midterm Exam On-line Week of 03/17 Essay, short answer, true/false, multiple choice Final Exam Week of 04/05 Same format as midterm Not cumulative 1/26/16 CSCI-E46: APPLIED NETWORK SECURITY, SPRING

10 Grading Class Participation/Tasks 20% Labs 20% Assignments/Quiz 20% Midterm Exam 20% Final Exam 20% Total 100% 1/26/16 CSCI-E46: APPLIED NETWORK SECURITY, SPRING

11 Plagiarism and Academic Integrity Unless otherwise specified, all work must be completed independently Please review the Harvard Extension School Academic Integrity Policy Do not cheat, you will be caught and reported! If found responsible, no credit for affected material Academic suspension 1/26/16 CSCI-E46: APPLIED NETWORK SECURITY, SPRING

12 Course Schedule Week Dates Topic 1 01/27 Introductions, Cryptography Primer 2 01/28 02/03 Networking Primer 3 02/04 02/10 Network Security Controls and Architecture 4 02/11 02/17 Enterprise Identity and Authentication 5 02/18 02/24 (In)Secure Protocols 6 02/25 03/02 Network-based Threats 7 03/03 03/09 Reconnaissance and Social Attacks 8 03/10 03/16 Spring Break 9 03/17 03/23 Midterm Exam 10 03/24 03/30 Exploitation and Persistence 11 03/31 04/06 Instrumenting the Network 12 04/07 04/13 Intrusion Detection 13 04/14 04/20 Firewalling and Access Control 14 04/21 04/27 Wireless Security 15 04/28 04/04 Cloud Security and Future Trends 16 04/05 05/11 Final Exam 1/26/16 CSCI-E46: APPLIED NETWORK SECURITY, SPRING

13 Introductions About Me Director, Infrastructure Design & MIT 15+ years of systems, networking, and security experience davidlaporte@fas.harvard.edu Phone: Teaching/Lab Assistant Scott Doliner TBD 1/26/16 CSCI-E46: APPLIED NETWORK SECURITY, SPRING

14 Today... Discussion Cryptography Primer 1/26/16 CSCI-E46: APPLIED NETWORK SECURITY, SPRING

15 Cryptography Primer Random numbers Symmetric encryption Public-key (asymmetric) encryption Beyond encryption Message authentication codes Hash functions Digital Signatures 1/26/16 CSCI-E46: APPLIED NETWORK SECURITY, SPRING

16 Random Numbers random numbers used in cryptographic key generation requirements: randomness based on statistical tests for uniform distribution and independence unpredictability successive values not related to previous clearly true for real random sequences true random number generators use a nondeterministic source e.g. radiation, leaky capacitors, thermal noise 1/26/16 CSCI-E46: APPLIED NETWORK SECURITY, SPRING

17 Pseudorandom Numbers an algorithm is used to create pseudorandom numbers satisfy statistical randomness tests likely to be predictable since based on initial seed value eg. time or system state Source: w/subsamples.html 1/26/16 CSCI-E46: APPLIED NETWORK SECURITY, SPRING

18 Symmetric Encryption Same key used for encryption and decryption 1/26/16 CSCI-E46: APPLIED NETWORK SECURITY, SPRING

19 Symmetric Encryption Historical Implementations Caesar Cipher (ROT13) Enigma Machine Modern Implementations DES Old US federal standard 56-bit key Extremely vulnerable to brute force attacks Deprecated in favor of 3DES in 1999 Triple DES (3DES) Encrypt, decrypt, encrypt using DES Effective 168-bit key (56-bit * 3) AES Current US federal standard (2002) Result of public competition (was Rijndael ) 128, 192, and 256-bit key lengths Blowfish, IDEA, etc. Source: cipher 1/26/16 CSCI-E46: APPLIED NETWORK SECURITY, SPRING

20 Symmetric Encryption Fast, easily implemented in hardware Key distribution Difficult to securely transport shared key to recipient Key management, (n 2 -n)/2 2 participants, 1 key 3 participants, 3 keys and then it gets much worse 10,000,000,000,000, ,000,000,000,000 1,000,000,000,000 10,000,000, ,000,000 1,000,000 10, /26/16 CSCI-E46: APPLIED NETWORK SECURITY, SPRING

21 Attacking Symmetric Encryption cryptanalysis rely on nature of the algorithm plus some knowledge of plaintext characteristics even some sample plaintext-ciphertext pairs exploits characteristics of algorithm to deduce specific plaintext or key brute-force attack try all possible keys on some ciphertext until get an intelligible translation into plaintext 1/26/16 CSCI-E46: APPLIED NETWORK SECURITY, SPRING

22 Public Key Encryption Two keys ( public and private ) are used Keys are complementary Private key can decrypt public key encrypted messages Public key can decrypt private key encrypted messages In practice Public key is used to encrypt messages Private key is used to decrypt messages Example: Bob wants to send Alice a message. He encrypts the message with Alice s public key. Alice receives the message and decrypts using her private key. 1/26/16 CSCI-E46: APPLIED NETWORK SECURITY, SPRING

23 Public Key Encryption Two different keys used for encryption/decryption 1/26/16 CSCI-E46: APPLIED NETWORK SECURITY, SPRING

24 Public Key Requirements computationally easy to create key pairs computationally easy for sender knowing public key to encrypt messages computationally easy for receiver knowing private key to decrypt ciphertext computationally infeasible for opponent to determine private key from public key computationally infeasible for opponent to otherwise recover original message useful if either key can be used for each role 1/26/16 CSCI-E46: APPLIED NETWORK SECURITY, SPRING

25 Public Key Encryption Originated in the 1970s at British Government Government Communications Headquarters (GCHQ) This remained secret until 1997 Proposed in 1976 by Whitfield Diffie and Matin Hellman RSA algorithm published in 1978 by Rivest, Shamir, and Adleman Patent expired in 2000 DSS/DSA developed by NSA useful only in digital signatures, not encryption Elliptic Curve based on solutions to y 2 =x 3 + ax + b less computationally intensive and efficiently implemented in hardware not as well vetted as factoring-based approaches, so not yet widely implemented 1/26/16 CSCI-E46: APPLIED NETWORK SECURITY, SPRING

26 Public Key Encryption RSA Uses product of two large prime numbers Keys derived mathematically from product Depends upon difficulty of factoring large numbers Not provably unbreakable Discovery of short-cut in factoring large numbers would undermine entire system Key lengths can be increased to mitigate increases in brute-force capabilities RSA Laboratories currently recommends key sizes of 1024 bits for corporate use and 2048 bits for extremely valuable keys like the root key pair used by a certifying authority. Several recent standards specify a bit minimum for corporate use. RSA website 1/26/16 CSCI-E46: APPLIED NETWORK SECURITY, SPRING

27 Public Key Encryption Extremely slow, orders of magnitude slower than symmetric algorithms Key distribution Separate keys eliminates need for secure transport Key management, 2n total keys, n+1 keys/participant 2 participants, 4 keys, 3 keys/participant 10 participants, 20 keys, 11 keys/participant Only one key (the participant s private key) need be kept secret Remaining keys can be centrally maintained 1/26/16 CSCI-E46: APPLIED NETWORK SECURITY, SPRING

28 Asymmetric/Symmetric Hybrid Public key systems offer major benefits in key management and distribution, at the cost of speed Symmetric systems offer speed, but distribution and management do not scale In many protocols, the benefits of each are exploited through use of a session key Use public-key system to establish secure channel Transmit symmetric session key to perform bulk encryption eg., SSL, PGP 1/26/16 CSCI-E46: APPLIED NETWORK SECURITY, SPRING

29 Digital Envelope 1/26/16 CSCI-E46: APPLIED NETWORK SECURITY, SPRING

30 Beyond Encryption Message encryption provides confidentiality, but how to assure integrity and non-repudiation? Encryption of the message does not provide either Reordering of the encrypted blocks may result in a properly decrypted, coherent, and incorrect message Message authentication guarantees: contents unaltered from authentic source timely and in correct sequence Can be accomplished with or without encryption 1/26/16 CSCI-E46: APPLIED NETWORK SECURITY, SPRING

31 Message Authentication Codes Parties agree upon a secret key Use the secret key and the input message to generate a small block of data (MAC) Transmit message and MAC Recipient uses input message and secret key to regenerate MAC If they match The receiver is assured that the message has not been altered. The receiver is assured that the message is from the alleged sender. If the message includes a sequence number, then the receiver can be assured of the proper sequence. 1/26/16 CSCI-E46: APPLIED NETWORK SECURITY, SPRING

32 Message Authentication Codes Note that the message/mac bundle is unencrypted 1/26/16 CSCI-E46: APPLIED NETWORK SECURITY, SPRING

33 Hash Functions A hash function generates a fixed length value ( fingerprint ) from a variable length input MD5, 128-bits SHA1, 160-bits SHA-256, 256-bits SHA-384, 384-bits SHA-512, 512-bits 1/26/16 CSCI-E46: APPLIED NETWORK SECURITY, SPRING

34 Secure Hash Functions A secure hash function has the following properties applied to any size data H produces a fixed-length output H(x) is relatively easy to compute for any given x one-way property (pre-image resistance) computationally infeasible to find x such that H(x) = h weak collision resistance (second pre-image resistance) given x, computationally infeasible to find y x such that H(y) = H(x) strong collision resistance computationally infeasible to find any pair (x, y) such that H(x) = H(y) Since there is no secret key involved in generation of the hash value, additional steps are necessary to provide message authentication 1/26/16 CSCI-E46: APPLIED NETWORK SECURITY, SPRING

35 Keyed Hash A secret key (previously agreed upon) is added to the input message before hash function is performed Recipient adds same key to message before computing hash value No encryption necessary Bypasses any encryption export issues Lower CPU requirements Functionally equivalent to MAC 1/26/16 CSCI-E46: APPLIED NETWORK SECURITY, SPRING

36 Digital Signatures A digital signature is a hash value encrypted with the private key of the sender Leverages hash function and public key encryption to provide message authentication Example: Bob wants to send Alice a message. He generates a hash value of the message and encrypts it with his private key. This digital signature is appended to the message. Alice receives the message, removes the digital signature, and decrypts it using Bob s public key. If the hash values match, Alice can be assured that the message was received intact, in order, and from Bob. 1/26/16 CSCI-E46: APPLIED NETWORK SECURITY, SPRING

37 Digital Signatures 1/26/16 CSCI-E46: APPLIED NETWORK SECURITY, SPRING

38 Attacks Against Hashes attack approaches birthday attack name comes from the observation that there is a probability of > 1/2 that 2 people in a group of 23 share a birthday attack works where hash output is not evenly distributed cryptanalysis exploit logical weakness in algorithm brute-force attacks collision attack create two inputs that generate same hash value pre-image attack create input based on known hash value Source: 1/26/16 CSCI-E46: APPLIED NETWORK SECURITY, SPRING

39 References Various images and content from: Computer Security: Principles and Practice, Third Edition. William Stallings, Pearson, 2014 Chapters 1, 2 See Chapter 21 in Stallings for more in-depth information on public-key cryptography and message authentication 1/26/16 CSCI-E46: APPLIED NETWORK SECURITY, SPRING

40 Task 1: VirtualBox, Kali, and Introductions 1) Download and install VirtualBox 2) Download, verify, and install Kali Linux 3) Introduce yourself! Please say hello in the Introductions discussion forum and let me us know what you hope to take from the class. Additional task details in the Canvas assignment link 1/26/16 CSCI-E46: APPLIED NETWORK SECURITY, SPRING

41 For next class Topic Networking Refresher Readings Computer Security, Principles and Practice Appendix F TCP/IP Illustrated, Vol. 1: The Protocols (Safari) Chapters 2, 4, 8 (ICMPv4 only), 10, 11, 12 Background/reference material, review as appropriate Additional Readings on Canvas 1/26/16 CSCI-E46: APPLIED NETWORK SECURITY, SPRING