Why Network Security?

Transcription

1 Network Security

2 Why Network Security? Malicious people share your network People who want to snoop People who want to destroy People who want to corrupt People who want to pretend People who want to steal Problem made more severe as Internet becomes more commercialized Active and passive attacks

3 Dealing with Network Security Network security can be broken into several related areas: Secrecy: hiding data from prying eyes Authentication: Proving that someone is who she says she is Nonrepudiation: Once someone sends a message, she can t later deny the contents of that message by changing it Integrity control: Proving that a message has not been intentionally corrupted by a third party Confidentiality :protection from passive attacks

4 Available Security Tools Cryptography/Encryption: Encode a message in a way that only the communicating parties can interpret it Used for secrecy and authentication Signatures Allow for the authentication of a message s sender and the message s integrity Used for authentication, nonrepudiation and integrity control

5 Cryptography Encoding a message in a way that only the communicating parties can interpret it Plaintext (P) Encryption Ciphertext (C) Key (K) Notation: Encryption: C=E K (P) Decryption: P = D K (P)

6 Rules for Encryption Encryption requires both an encryption algorithm and an encryption key Key is a string which controls how the algorithm encrypts Algorithm: Should be public and known to all Inspires trust that the algorithm works Keys: Should be long enough to prevent easy breaking of the encryption Should be short enough to keep algorithm efficient Typical key lengths: 56-bit, 128-bit, 256-bit, 512-bit

7 Types of Encryption Algorithms Substitution Ciphers Every letter (or group of letters) is replaced by another letter (or group of letters) Example: Caesar cipher: a/d, b/e, c/f, d/g,, z/c Monoalphabetic cipher: a/q, b/w, c/e, Easy to break by analyzing statistical properties of written language

8 Types of Encryption (cont d) Transposition Ciphers Instead of substituting letters in the plaintext, we change their order A N D R E W t h i s i s a m e s s a g e i w o u l d l i k e t o e n c r y p t n o w Key = ANDREW Plaintext = thisisamessageiwould liketoencryptnow Ciphertext = tagltyieiletisokco hmedopsswinnsauerw Also easy to break by analyzing structure of language

9 Types of Encryption (cont d) One-Time Pads Unbreakable form of encryption Select a random bit string that is just as long as the message being sent, and perform an EXCLUSIVE OR on the two bit strings to perform the encryption Cannot be broken; every possible plaintext is an equally probable candidate Problems: not efficient; requires large keys if one-time pad is stolen, message can be decrypted by thief vulnerability to lost or inserted characters in one-time pad

10 Types of Encryption (cont d) Most actual encryption algorithms use a complex combination of substitution and transposition Examples: Data Encryption Standard (DES) Multiple iterations of substitution and transposition using a 56-bit key designed by IBM with input from the NSA DES chaining Multiple stages of DES coding, in which the input of each stage is the output of previous stages International Data Encryption Algorithm (IDEA) uses a 128-bit key

11 Data encryption standard Data Encryption Standard (DES) The most widely used encryption scheme The algorithm is reffered to the Data Encryption Algorithm (DEA) DES is a block cipher The plaintext is processed in 64-bit blocks The key is 56-bits in length Each stage uses a 48 bit key

12 Triple DES Use three keys and three executions of the DES algorithm (encrypt-decryptencrypt) C = EK3[DK2[EK1[P]]] C = ciphertext P = Plaintext E is encryption, D is decryption K1 is 56 bit key, K2 is 56 bit key, K3 is 56 bit key Effective key length of 168 bits

13 Types of Encryption (cont d) Problem with all the cryptography algorithms used so far: if the key is stolen, any message can be decrypted Is there a way to do cryptography without worrying about this concern? Yes, public key cryptography

14 Public Key Cryptography Uses two different keys: an encryption key and a decryption key Each user holds: a private decryption key to decrypt messages sent to her a public encryption key that everyone else should use to encrypt messages that are sent to her Important property of public key cryptography algorithms: Private decryption key cannot be easily determined by knowing the public encryption key

15 Public Key Cryptography An Example Sally Jeff Two keys: K pub,sally K priv,sally Two keys: K pub,jeff K priv,jeff

16 Public Key Cryptography An Example K pub,sally Sally Two keys: K pub,sally K priv,sally K pub,jeff Jeff Two keys: K pub,jeff K priv,jeff Sally and Jeff exchange public keys

17 Public Key Cryptography An Example Sally C Jeff C = E K pub,sally(p) Two keys: K pub,sally K priv,sally Two keys: K pub,jeff K priv,jeff If Jeff wants to send an encrypted plaintext message P to Sally, he uses Sally s public key to encrypt the message into C

18 Public Key Cryptography An Example P = D K priv,sally(c) Sally C Jeff Two keys: K pub,sally K priv,sally Two keys: K pub,jeff K priv,jeff Sally uses her private key to decrypt the message C from Jeff. Only Sally can decrypt messages that are encrypted using her public key. A message to Sally cannot be decrypted using Sally s public key.

19 Public Key Cryptography (cont d) Why public key cryptography is so powerful: No secret keys need to be distributed Only the receiver of encrypted information holds the secret key Examples of public key algorithms: Merkle-Helman knapsack Rivest-Shamir-Adleman (RSA) Pretty Good Privacy (PGP)

20 Authentication Sally Jeff Mike Mike sends a message to Sally pretending to be Jeff Authentication: the problem of proving that a user is who he says he is Two approaches: based on secret key cryptography based on public key cryptography

21 Secret Key Authentication Sally and Jeff share a secret key K Sally and Jeff issue authentication challenges Identity=Sally Challenge R Jeff Sally E K (R Jeff ) Jeff Challenge R Sally E K (R Sally )

22 Public Key Authentication Sally and Jeff issue authentication challenges using public keys E K pub,jeff(sally,r Sally ) Sally E K pub,sally(r Sally, R Jeff ) Jeff E K pub,jeff(r Jeff )

23 Problem with Public Key Cryptography Public key encryption methods tend to be slower than secret key encryption, because they rely on more expensive computations So, it is common in practice to use public key cryptography only to encode a private secret key (K S ), which is then used to encrypt all other data shared between the two communicating parties E K pub,jeff(sally,r Sally ) Sally E K pub,sally(r Sally, R Jeff, K S ) Jeff E K S(R Jeff )

24 Digital Signatures A digital signature... allows the receiver to authenticate the identity of the sender prevents the sender from later claiming she sent a different (or no) message prevents the receiver from constructing a message that appears as if it came from the sender

25 Public Key Signatures Let us use a public key cryptography system with the following properties: E(D(P)) = P D(E(P)) = P

26 Public Key Signatures Sally E K pub,jeff(d K priv,sally(p)) Jeff Jeff applies his private key to decrypt the message. Then he applies Sally s public key to encrypt the Sally-decrypted message. If a meaningful message (P) is obtained, Jeff can be sure that Sally sent it.

27 Firewalls firewall A combination of hardware and software that isolates organization s internal net from larger Internet, allowing some packets to pass, blocking others. Two firewall types: packet filter application gateways administered network public Internet firewall

28 Firewalls: Why To prevent denial of service attacks: SYN flooding: attacker establishes many bogus TCP connections. Attacked host allocates TCP buffers for bogus connections, none left for real connections. To prevent access to and from other sites To prevent illegal modification of internal data. e.g., attacker replaces course homepage with something else To prevent intruders from obtaining secret info.

29 Packet Filtering (7.6.1) Internal network is connected to Internet through a router. Router manufacturer provides options for filtering packets, based on: source IP address destination IP address TCP/UDP source and destination port numbers ICMP message type TCP SYN and ACK bits Example 1: block incoming and outgoing datagrams with IP source address /24 All incoming and outgoing UDP flows and telnet connections are blocked. Example 2: Block inbound TCP segments with ACK=0. Prevents external clients from making TCP connections with internal clients, but allows internal clients to connect to outside.

30 Packet filtering Packet-filtering Router Applies a set of rules to each incoming IP packet and then forwards or discards the packet Filter packets going in both directions The packet filter is typically set up as a list of rules based on matches to fields in the IP address TCP header (port number) ICMP message type Connection messages (SYN or ack bits) Two default policies (discard or forward)

31 Features Advantages: Simplicity Transparency to users High speed Disadvantages: Difficulty of setting up packet filter rules Knowing what is happening Lack of Authentication

32 Application gateway (7.6.2) Application-level Gateway host-to-gateway telnet session gateway-to-remote host telnet session application gateway router and filter

33 Proxy-gateway Application-level Gateway Also called proxy server Acts as a relay of application-level traffic All data has to pass through the proxy server Can allow only telnet connections to company s remote office and block all other connections Can be used in conjunction with packet filter

34 Filters packets on application data as well as on IP/TCP/UDP fields. Example: allow select internal users to telnet outside. Application gateways 1. Require all telnet users to telnet through gateway. 2. For authorized users, gateway sets up telnet connection to dest host. Gateway relays data between 2 connections 3. Router filter blocks all telnet connections not originating from gateway.

35 Features of app-gateway Advantages: Higher security than packet filters Only need to scrutinize a few allowable applications Easy to log and audit all incoming traffic Disadvantages: Additional processing overhead on each connection Need to tunnel all traffic via application level gateway

36 Limitations of firewalls and gateways IP spoofing: router can t know if data really comes from claimed source If multiple app s. need special treatment, each has own app. gateway. Client software must know how to contact gateway. e.g., must set IP address of proxy in Web browser Filters often use all or nothing policy for UDP. Tradeoff: degree of communication with outside world, level of security Too much big brother Many highly protected sites still suffer from attacks.