Multimedia Networking and Network Security

Transcription

1 CMPT Multimedia Networking and Network Security 1 Multimedia Networking and Network Security This note is based on Chapters 7 and 8 of the text book. Outline of multimedia networking Multimedia networking application Streaming stored audio and video Making the best out of best effort service New applications Multimedia Networking In recent years, there has been an explosive growth of new applications on the Internet like streaming video, IP telephony, teleconferencing, interactive games, virtual world, distance learning, and so on. Those multimedia networking applications are referred as continuous-media applications and require services different from those for traditional elastic applications like , Web, remote login, etc. They are also different from download-and-then-play applications. Especially, the new applications require high quality on the communication latency and the latency variation (delay-sensitive) but may not require high quality on the error rate (loss-tolerant). One key issue for supporting new multimedia networking applications is how to get the high quality for the communication latency on the best effort Internet which provides no latency guarantee. Another key issue is how to improve the Internet architecture to provide support for the service required by multimedia applications. Streaming stored audio and video. Applications have the following key features: Stored media, the contents has been prerecorded and is stored at the server. So, a user may pause, rewind, or fast-forward the multimedia contents. The response time to the above actions should be in the order of 1-10 seconds. Streaming, a user starts playout a few seconds after it begins receiving the file from the server. So, a user plays out the audio/video from one location in the file while it is receiving later parts of the file from the server. This technique is called streaming and avoids having download the entire file before starting playout. Continuous playout, once playout begins, it should proceed based on the original timing of the recording. This requires high quality on the end-to-end delay. Streaming live audio and video. Applications are similar to traditional radio and television, except that audio/video contents are transmitted on the Internet. In these applications, many clients may receive the same program. A key issue here is how to deliver the program efficiently to multiple clients on the Internet. IP multicasting technologies play a key role for this. Similar to streaming stored audio and video applications, applications here require continuous playout and high quality on the end-to-end delay.

2 CMPT Multimedia Networking and Network Security 2 Real time interactive audio and video. Applications allow users using audio/video to communicate with each other in real time. Realtime interactive audio on the Internet is known as Internet phone. Applications in this category require very high quality on the end-to-end delay, usually a fraction of one second. Hurdles for multimedia in today s Internet The Internet Protocol (IP) used in the Internet provides connectionless best effort service for transmitting datagrams. The IP does not guarantee the end-to-end delay nor the uniform delay for all datagrams in a same packet stream. The variations of packet delays within the same packet stream is called packet jitter. The end-to-end delay and packet jitter in the Internet are major hurdles for multimedia applications on the Internet. How to overcome hurdles There are many approaches discussed for overcoming the hurdles mentioned above. At one extreme, it is argued that fundamental changes to the Internet should be made so that the users can explicitly reserve the bandwidth on every link in the path for transmitting the packets. On the other hand, it is argued that fundamental changes are difficult and incremental improvements over the best-effort IP are more practical. Especially, the improvements include: The Internet Service Providers (ISP) should scale/upgrade their networks well to meet the demands. The upgrade includes more bandwidth and caches in networks for heavily accessed data. Content distribution networks (CDNs), replicate stored contents and put the contents at edges of the Internet. Multicast overlay networks for sending data to a huge number of users simultaneously. Another approach is differentiated services (Diffserv). In this approach, small changes at the network and transport layers are required and scheduling/policing schemes are introduced at edges of the network. The idea is to introduce traffic classes, assign each datagram to one of the classes, and give datagrams different levels of services based on their class. Streaming stored audio and video In these applications, clients request audio/video data stored at servers. Upon client s request, servers send the data into a socket connection for transmission. Both TCP and UDP socket connections have been used in practice. The data are segmented and the segments are encapsulated with special headers appropriate for audio/video traffic. The real time protocol (RTP, will be discussed later) is a public-domain standard for encapsulating such segments. Audio/video streaming applications usually provide user interactivity which requires a protocol for client/server interaction. The real time streaming protocol (RTSP) is a public-domain protocol for this purpose. Clients often request data through a Web browser. A separate helper application (called media player) is required for playing out the audio/video. Well used helpers include RealPlayer and MediaPlayer. Access audio/video through Web server

3 CMPT Multimedia Networking and Network Security 3 The stored audio/video files can be delivered by a Web server or by an audio/video streaming server. When an audio file is delivered by a Web server, the file is treated as an ordinary object in the server s file system, like HTML and JEPG files. To get the file, a client establishes a TCP connection with the server and sends an HTTP request for the object. On receiving the request, the Web server encapsulates the audio file in an HTTP response message and sends the message back to the TCP connection. It is more complicated for the video case because usually the sounds (audio) and images are stored in two different files. In this case, a client sends two HTTP requests over two separate TCP connections and the server sends two responses, one for sounds and the other for images, to the client in parallel. It is up to the client to synchronize the two streams. Sending multimedia from a streaming server to a helper application Audio/video files can be delivered by a streaming server to a media player. Streaming servers include those marketed by RealNetworks and Microsoft, and those of public-domain servers. With a streaming server, audio/video files can be transmitted over UDP which has much smaller endto-end delay than TCP. Making the best of the best-effort service Limitation of best-effort service Packet loss, IP provides the best-effort service but does not guarantee the delivery of packets. Packets may be discarded due to congestions. End-to-end delay, IP does not guarantee the end-to-end delay either. The time for transmitting a packet may vary due to the conditions of the network. Also, in order to guarantee the delivery, positive acknowledgement and retransmission are used in TCP. The cost for realizing the reliable transmission in TCP is a longer end-to-end delay. Packet jitter, since the end-to-end delay for each packet may depend on the conditions of the network, the delays of packets in the same packet stream may vary. Especially, the packets may arrive to the receiver in a wrong order. Removing jitter at the receiver for audio In applications like Internet phone or audio-on-demand, it is up to the receiver to remove the jitters. Common techniques used include sequence number, timestamp, and delaying playout. The sender can put a sequence number on every packet sent and the receiver can use the sequence number to recover the correct order of the received packets. Timestamp is similar to sequence number, the sender stamps each packet with the time at which the packet is generated. In order to get the correct order from the sequence number and timestamp for a sequence of packets, the receiver need to receive all of the packets in the sequence. Playout delay is used for this purpose. The playout delay should be long enough to receive all packets in a subsequence of packets which can be played. On the other hand, the delay should be short enough so that the user will not notice the delay. The playout delay can be either fixed or adaptive. Fixed playout delay, the receiver plays out each packet exactly q msecs after the packet is generated. Usually, q is up to a few hundreds msecs. Adaptive playout delay, the receiver estimate the network delay and the variance of the network delay at the beginning of each talk, and adjusts the playout delay accordingly. Recovering from packet loss

4 CMPT Multimedia Networking and Network Security 4 A major scheme for handling packet loss for elastic applications is retransmission. However, this scheme does not work well for applications with strict end-to-end delay constraint. Internet phone applications usually use loss anticipation schemes to handle packet loss. Forward error correction (FEC) is one of such schemes. The basic idea of this scheme is to include redundant information in the original packet stream. The redundant information can be used to reconstruct the lost packet. One approach for the FEC scheme is to send the exclusive OR of every n packets as a redundant packet. If any one of the n + 1 packet is lost, the receiver can reconstruct it. However the scheme does not work if two or more of the n + 1 packets are lost. Another approach is to send two copies of the same packet, usually one is the original packet and the other is a short version (lower-resolution audio) of the packet. An example is that the short version of packet i is sent together with packet i + 1. FEC uses extra bandwidth of networks. Interleaving is another loss anticipation scheme. This scheme resequences units of audio data before transmission so that the original adjacent units are separated by some distance in the transmitted stream. The receiver rearranges the received stream into its original order before it is resequenced. If a transmitted packet is lost, only a small fraction of each original packet is lost and the quality of the voice may not be damaged much. Interleaving does not use extra bandwidth but introduces extra end-to-end delay. Receiver-based repair of damaged audio stream. This scheme reconstructs a lost packet using the other received packets based on the fact that there are large amount of short term self-similar signals in audio data, especially for speech. A simplest approach is packet repetition, using the immediate previous packet to replace the lost one. Another approach is interpolation, using the packets before and after the loss to interpolate a packet to cover the loss. Content Distribution Network (CDN) A major problem in multimedia networking is difficult to stream large files from a single server in real time. A solution for this problem is to replicate content at hundreds (CDN) servers, each server is at an edge of Internet and provide service to users close to it. A content distributed network (CDN) consists of servers connected by Internet. The servers are also considered connected by a logical network. Downloading content to CDN servers from the original server is realized by multicast over the logical network. Outline of network security Network security issues Principles of cryptography Message integrity Application layer security Transport layer security Network layer security Operational security, firewalls Network Security

5 CMPT Multimedia Networking and Network Security 5 Security issues Important issues in network security include the following. Confidentiality: To protect information from unauthorized disclosure. Two approaches are usually used to achieve this. One is to restrict the access to the information, e.g., to prevent unauthorized parties to have any access to the data. The other is to make the data meaningless to the unauthorized parties by encryption. Integrity: To protect information from unauthorized change. Authentication: To allow two communicating entities to validate each other s identity. Nonrepudiation: To prove that the received message is from a specific sender. Availability: To guarantee that unauthorized parties can not block the legitimate access to the information. Access control (Authorization): To control the access level of users to the data. Accountability: To track or audit what an individual or entity is doing on the network or system. Basic strategy Prevention, detection, and response are the basic strategies for achieving the network security. Prevention is the 1st step. To make a security system, it is critical to implement some measures to prevent any failure in the above issues. t should be noted that it is impossible to have a security scheme that can prevent all attacks on the system. Detection is needed to find the weak point of the system once a preventative measure is broken. Appropriate response procedure is also needed to deal with the weak point detected. Encryption Encryption and access control play central roles in network and information security. The encryption/decryption techniques have been used to achieve the confidentiality in communication for thousands of years. To send a message, the source uses encryption key and algorithm to encrypt the message and sends the encrypted message. The destination uses decryption key and algorithm to decrypt the received message. The security is based on the assumption that if one does not have the decryption key, one can not get any information from the encrypted message. Digital signature is used to provide integrity, authentication, and nonrepudiation. Encryption and certificate authority are key factors in digital signature. The encryption/decryption techniques can be classified into two classes. One is secret-key encryption and the other is public-key encryption. Secret-key encryption In secret-key encryption, the decryption key can be easily obtained from the encryption key. In fact, they can be the same key. So, the source and destination need to keep their keys in secret to ensure the security. If the same key is used for both encryption and decryption, the algorithm for decryption is the inverse of the algorithm for encryption. When the same key is used for both the encryption and decryption, secret-key encryption is also called symmetric encryption. Secret-key encryption has been used for thousands of years. One popular method used in network communication now is called data encryption standard (DES). DES encrypts and decrypts at bitlevel. The data is considered as a string of bits which is partitioned into segments of 64 bits. If

6 CMPT Multimedia Networking and Network Security 6 the last segment has less than 64 bits, 0 is padded. Each segment is encrypted by a 64-bit key (there are 56 effective bits and 8 parity bits in the key). To encrypt a message, DES scrambles each segment in multiple stages. The least significant 32 bits of the segment at current stage become the most significant 32 bits of the segment in the next stage. The most significant 32 bits at current stage are scrambled based on the key and become the least significant 32 bits in the next stage. Decryption is an inverse process. DES is not considered secure now because the length of the encryption/decryption key is not large enough. More secure secret-key schemes have been developed. Those schemes include Triple DES and Advanced Encryption Standard (AES). Public-key encryption For each user, there are two keys, one is a public key, used for encryption, and the other is a private key, used for decryption. The user announces the public key to everyone in the network but keeps the private key secret. Anyone who wants to send a message to this user in a secure way, it uses the public key to encrypt the message and the user uses its secret private key to decrypt the message. One principle in public-key encryption is that it should be extremely difficult to calculate the private key from the public key. The design of the keys usually involves some special mathematics such as one way function. A one way function y = f(x) is that it easy compute y when f and x are given, while it is difficult to compute x when y and the inverse function f 1 are given. An example: define f(p, q) to be the product of two prime numbers p and q. Then it takes O(n 1.59 ) time to compute y = p q of n bits. However, a brute-force algorithm takes O(2 n/2 ) time to compute p and q from y. In practice, there is a heuristic algorithm which takes O(2 n/4 ) time to compute p and q from y. If n is large enough, say 1024 or 2048 bits, then it is impossible to factorize y within any reasonable time even with the most powerful computers. In fact, the most common public key encryption scheme RSA is based on the above function. The name RSA comes from its inventors (Rivest, Shamir, and Adleman). To calculate the keys in RSA scheme, first two large prime numbers p and q, and then N = p q are computed. Next a small odd integer e which is relatively prime to (p 1)(q 1) is computed. Finally, find the integer d in the solution of the equation of d e 1 mod (p 1)(q 1). The public key is (e, N) and the private key is (d, N). To encrypt a message M, RSA algorithm treats M as a number and computes C = M e mod N as the encrypted message. The message C can be decrypted to M by M = C d mod N. An example of RSA. Assume that we send characters HELLO one by one using RSA. Each character is assigned an integer as shown below. A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

7 CMPT Multimedia Networking and Network Security 7 We choose p = 3, q = 11 to get N = 3 1 = 33, (p 1) (q 1) = 20, and choose e = 3 to get d = 7 from d 3 1 mod 20. Below are the values calculated for each character in RSA. Ch M M^3 C=M^3(mod 33) C^7 C^7(mod 33)=M Ch H H E E L L L L O O A major advantage of public-key encryption is that one pair of keys for one user. This reduces the number of keys to n pairs for a system with n users. A disadvantage is the high computation complexity of encryption algorithm. For example, in RSA scheme the number N is known to public. If one can find the prime factors p and q then one can calculate d and thus the private key (d, N). The security of RSA relies on the difficulty of factorizing large N. To guarantee the security, large N, e.g., 512 bits, 1024 bits, or even 2048 bits integers are used. The calculation of M e mod N and C d mod N is not efficient for large N. Another disadvantage is that the announced public key of a user must be verified. That is, if a user A announces a public key, the other users must make sure the announced key belongs to A. This is especially important when public-key encryption is used for digital signature. The verification can be handled by certification authority. Secret-key encryption is often used for long message and public-key encryption is appropriate for short message. A combination of using secret-key and public key may like this. Assume Alice wants to send Bob a long message. Alice prepares a secret key, encrypts the key with Bob s public-key, and sends the encrypted key to Bob. Then Alice encrypts the message with the secret key and sends the encrypted message to Bob. Bob can get the secret key by his private-key and then uses the secret key to decrypt the message. Digital signature Digital signature refers the sign on an electronic document. It is a key for realizing authentication, integrity, and nonrepudiation. A digital signature on a message should guarantee that (1) the identity of a sender can be verified by a receiver; (2) a message from a sender can not be denied by the sender; and (3) a message from a sender can not be concocted by a receiver. Digital signature can be realized by either secret key encryption scheme or public key encryption scheme. However, it is more complex to use secret key encryption scheme for digital signature. Digital signature by symmetric-key encryption One approach is to have a central authority CA in the system. Every user X has a secret key K X. Only X and CA know K X. Every user knows CA s secret key K CA. Assume that A sends a message M to B. Then: A encrypts (M, B) by key K A to get K A (M, B) and sends it to CA. CA decrypts K A (M, B), encrypts (M, A) by key K CA to get K CA (M, A), encrypts (M, A, K CA (M, A)) by key K B to get K CA (M, A, K CA (M, A)), and sends K CA (M, A, K CA (M, A)) to B. Digital signature by public-key encryption It is more convenient to use public-key encryption scheme to sign a document. The idea is simple: the sender A uses its private-key to encrypt (sign) the document and the receiver uses A s publickey to decrypt the message (verify the sign). Because it is difficult to compute the private-key,

8 CMPT Multimedia Networking and Network Security 8 it is difficult to forge the signature. Digital signature can provide integrity, authentication, and nonrepudiation. If the encrypted (signed) message is changed partially or totally without the knowledge of the private-key (signature), the decrypted message will be (with overwhelming probability) unreadable. So, the integrity of the message is preserved. Assume that some other user B sends a message pretending the message from A. If B does not know A s private-key (signature), then the message produced by B will be unreadable after the message is decrypted by A s public-key. This gives the authentication. Similarly, if A sends out a signed document, only A s public-key can decrypt the message into a meaningful document. A will not be able to deny the fact of sending the message. This provides the nonrepudiation. Digital signature does not provide confidentiality. Every one can decrypt the signed document by sender s public-key. If the document should be kept confidential, then another layer of encryption is needed. For example, the sender encrypts the signed document with the receiver s public-key. The receiver decrypts the message with its private-key and then verifies the signature of sender by sender s public-key. Internet security Internet security is based on the principles and concepts discussed above. The security measures can be applied to each of the Internet layer. We will discuss application layer security and IP layer security here. Application layer security Application layer security is realized by each application program. The implementation of application layer security is simple for unicast communication. The sender and receiver can agree to use the same protocol and a specific type of security service. Web security Major issues in web security include: secure naming, how to securely name objects and resources; secure connection, how to establish a secure connection; and mobile code security, how to deal with an executable code from a website. Assume that A wants to connect to B s website. A types the URL of B into A s browser and connects to a website. However, there is no guarantee that the website A s reaches is indeed B s website because some cracker may have changed the URL-IP-address mapping provided by a DNS server. To make the DNS service more secure, DNSsec is proposed. To make a connection between two sites at a web application, secure socket layer (SSL) is used. SSL is between the application layer and transport layer and provides encryption and authentication between two connected sockets. SSL is the base for the transport layer security (TLS). Current web applications allow executable codes embedded in the data exchanged between two sites. Those executable codes however become a major threat to computer systems. There is no single nor easy solution for this problem. Well used approaches for solving this problem including restricting the foreign code within a virtual machine, authenticating the source which provides the code, and so on.

9 CMPT Multimedia Networking and Network Security 9 IP layer security (IPsec) The IETF (Internet Engineering Task Force) has devised a set of protocols known as IPsec to provide security service at IP layer. IPsec does not restrict the user to use a specific encryption or authentication method. Instead, IPsec provides a framework that allow each pair of communication end-points to choose algorithms and parameters (like key size). IPsec defines two protocols: Authentication Header (AH) protocol and Encapsulation Security Payload protocol. Firewalls So far we have discussed the security based on encryption. Another key component for realizing security is internet access control. A basic technique for internet access control is internet firewall. A firewall is a component or a set of components installed between the internal network of an organization and the rest of the Internet. A firewall restricts the access between a protected internal network and the Internet. Basic firewall technologies include packet filtering and proxy system. Packet filtering A firewall can be used as a packet filter. It selectively routes packets between the internal and external hosts based on the information in the IP layer and transport layer headers. Those information include IP source/destination address, packet type (UDP, TCP, etc.), UDP/TCP source/destination port, packet size, and so on. A packet-filter firewall uses a filtering table to decide how to deal with a packet. Possible actions on a packet include: Forward the packet to the destination. Drop the packet without notifying the sender. Drop the packet and give the sender an error message. Log information about the packet. Set off an alarm to notify someone about the packet. Modify the packet, e.g., perform the network address translation. Send the packet to a host other than the destination, e.g., to a proxy server. Modify the filtering table. Packet filtering has a number advantages. One firewall can help protecting the entire network. Simple packet filtering is fast. Packet filtering is widely available. There are also some disadvantages. Current filtering tools are not perfect. Especially, more secure services relies on more sophisticated filtering rules which reduce the speed of the firewall. Packet filtering can be implemented on a router which is between the internal network and the Internet. Such a router is known as screen router. Linux kernel and later supports the 4th generation of IP firewall netfilter. Proxy system Packet filtering works based on the information in the headers of the packets. The information on the data in the packet can also be used for filtering. This is application layer filtering. A proxy firewall can be used for this purpose. A proxy system may consist of a proxy server and a number of internal proxy clients. When a proxy client wants to connect to an external host, it sends a request to the proxy server. The proxy server checks the request and decides if it approves the

10 CMPT Multimedia Networking and Network Security 10 request or not. If it approves, the proxy server contacts the external host on behalf of the client. Similarly, the proxy server filters the incoming packets based on the information of the packets. Advantages of the proxy system include good at logging, intelligent filtering, user-level authentication, protection for weak or faulty IP implementation. Disadvantages include the proxy services lagging behind nonproxy services, may require extra servers, and may require the modifications to clients.