Network Security. Computer Networking Lecture 08. March 19, HKU SPACE Community College. HKU SPACE CC CN Lecture 08 1/23

Transcription

1 Network Security Computer Networking Lecture 08 HKU SPACE Community College March 19, 2012 HKU SPACE CC CN Lecture 08 1/23

2 Outline Introduction Cryptography Algorithms Secret Key Algorithm Message Digest Public Key Cryptography Security Protocols Authentication Algorithms Message Integrity Protocols Remaining Issues HKU SPACE CC CN Lecture 08 2/23

3 Introduction Some expected network security services: Secrecy (or confidentiality): Prevent others from reading information shared between two participants. Authentication: Verifying someone s identity. Message integrity: Assure that the message received has not be altered after it was generated. Nonrepudiation: A sender should not be able to falsely deny later that he sent a message. Most of the security services require cryptographic tools as building blocks. Regarding the usage of cryptographic tools, there are two approaches: Keep the cryptographic algorithm (method) secret. (The preferred one) The cryptographic algorithm is not a secret, but the key is. HKU SPACE CC CN Lecture 08 3/23

4 Introduction (Cont d) The scope of the security issues (from networking point of view): Concern mainly the communication between two parties. Concern attacks against protocols, not those against cryptographic algorithms or cryptographic techniques used to implement the algorithms. Types of attacks against protocols: Passive attacks (eavesdropping), e.g., ciphertext-only attacks Active attacks, e.g., pretend to be someone else, introduce new messages in the protocol, delete existing messages, substituting one message for another, replay old messages, etc. HKU SPACE CC CN Lecture 08 4/23

5 Cryptography Algorithms One kind of cryptography algorithms is to process original data into some unintelligible form. The process is called encryption and the recovery of the original data is called decryption. The idea of encryption plaintext encryption ciphertext decryption plaintext Another kind of cryptography algorithms is to produce a unique piece data (signature) based on some given data. HKU SPACE CC CN Lecture 08 5/23

6 Cryptography Algorithms (Cont d) Requirements of the algorithms are: to keep the key secret is enough to ensure the privacy of the data; to be able to prevent the attacker from deducing the key, either by making the algorithm complicated (DES) making the algorithm be one-way (MD5) Common cryptography algorithms are: Secret key algorithms: Data Encryption Standard (DES) International Data Encryption Algorithm (IDEA) Public key algorithm: RSA Message digest: MD5 (also call cryptographic checksum) HKU SPACE CC CN Lecture 08 6/23

7 Secret Key (Symmetric) Cryptography Given: Alice and Bob agree on a cryptosystem. Alice and Bob agree on a key (secret). Encryption and decryption using the key. M E K (M) D K (E K (M)) M Problems: Keys must be distributed in secret. Compromising of keys means compromising all aspects of security. Number of keys is not scalable to the user population size. HKU SPACE CC CN Lecture 08 7/23

8 Secret Key (Symmetric) Cryptography (Cont d) Example: an 64-bit DES (Data Encryption Standard) Alice and Bob use the same algorithm and the same key to encrypt and decrypt. The only approach to attack is to search the entire key space. When more than 64 bits are required, use a cipher block chaining (CBC). The ciphertext for block i is XORed with the plaintext for block i+1 before running it through DES. An initialization vector (IV) is used in lieu of the nonexisting block 0. This number is randomly generated by a sender and it is sent along with the encrypted message. Triple-DES, i.e., encrypt the data three times. HKU SPACE CC CN Lecture 08 8/23

9 Secret Key (Symmetric) Cryptography (Cont d) Figure: Outline of DES. HKU SPACE CC CN Lecture 08 9/23

10 Secret Key (Symmetric) Cryptography (Cont d) Figure: CBC for large messages. HKU SPACE CC CN Lecture 08 10/23

11 Message Digest (Cryptographic Checksum) Message digest is a technique which can be used to verify whether a message has been malicious changed during the transmission (integrity). Message digest uses one-way hash functions as its fundamental building block. One-way functions are relatively easy to compute (given x, compute f (x)), but significantly harder to reverse (given f (x), compute x) For example, given integers x and y, it is easy to compute the product of x and y but hard to factorize a large integer. Given a cryptographic checksum for a message, it is not computationally feasible to find two messages that hash to the same cryptographic checksum. Example: MD5 HKU SPACE CC CN Lecture 08 11/23

12 Message Digest (Cryptographic Checksum) (Cont d) Figure: Outline of MD5. HKU SPACE CC CN Lecture 08 12/23

13 Public Key (Asymmetric) Cryptography In this method, two keys are used: a private key and a public key. It is computationally hard to deduce the private key from the public key. In the secrecy service, the encryption is done by using the public key and the decryption is done by using the private key. M E pub (M) D pri (E pub (M)) M Mathematically, the process bases on one-way functions. The public-key algorithm is slow. Symmetric algorithms are at least 1000 times faster. HKU SPACE CC CN Lecture 08 13/23

14 Public Key Cryptography - RSA RSA stands for Rivest, Shamir and Adleman. They are the inventors of the algorithm. The algorithm s outline goes as follows: Choose two large prime numbers p and q. Multiply p and q together to get n. Choose the encryption key e, such that e and (p 1) (q 1) are relatively prime. Compute decryption key d such that d =e 1 mod ((p 1) (q 1)). Construct private key as (e, n). Construct public key as (d, n). Discard (do not disclose) original primes p and q. To encrypt: c = m e mod n. To decrypt: m = c d mod n. Example: p = 3, q = 5, and plaintext = 9. HKU SPACE CC CN Lecture 08 14/23

15 Security Protocols Using the cryptography algorithms, we can design protocols to provide different security services. For the secrecy service, the secret key and the public key algorithms can be used. For the authentication service, we introduce here three protocols: two based on secret key algorithms and the other on public key algorithms. For the integrity, we also introduce three protocols. Besides the permanent keys, in a protocol, sometimes, the two participants may also establish session keys for ensuring the privacy between their communication. HKU SPACE CC CN Lecture 08 15/23

16 Authentication Algorithm (1) Assumption: both client and server already share a secret key. Approach: Each side generate a random number encrypted with the secret key. See whether the other side can decrypt it. Successful if CHK = SHK (client and server handshaking keys) SK: Session key HKU SPACE CC CN Lecture 08 16/23

17 Authentication Algorithm (1) Figure: Three-way handshake. HKU SPACE CC CN Lecture 08 17/23

18 Authentication Algorithm (2) This approach is based on a trusted third party (authentication server). Assumptions: A shares a secret key with S, and so is B with S. Notations in the messages: A, B: The participants identities T: Timestamp L: Lifetime K: Session key for A and B KA, KB: A s secret key shared with S and B s secret key shared with S, respectively. HKU SPACE CC CN Lecture 08 18/23

19 Authentication Algorithm (2) Figure: Trusted third party. HKU SPACE CC CN Lecture 08 19/23

20 Authentication Algorithm (3) Assumptions: Public key algorithm is used. A picks a random number and encrypts it with B s public key. B does the same to A. Figure: Public key authentication. HKU SPACE CC CN Lecture 08 20/23

21 Message Integrity Protocols Digital Signature Using RSA special case of a message integrity where the code can only have been generated by one participant, compute signature with private key and verify with public key. Keyed MD5 sender: m + MD5(m + k) + E(k, private); receiver: recovers random key using the sender s public key then applies MD5 to the concatenation of this random key message. MD5 with RSA signature sender: m + E(MD5(m), private); receiver: decrypts signature with sender s public key then compares result with MD5 checksum sent with message. HKU SPACE CC CN Lecture 08 21/23

22 Remaining Issues For the private key approach, how does a pair of participants generates and manages their shared secret key? Use RSA key exchange with digital signatures. Diffie-Hellman key exchange For the public key approach, how can one obtain another s true public key or how can one reliably advertise one s public key to others? Digital certificates Certification authority (a trusted third party approach) HKU SPACE CC CN Lecture 08 22/23

23 Acknowledgments Part of this slide set is referenced, prepared or/and extracted from the books: Computer Networks - A Systems Approach and the book Routing in the Internet. Also, some images and information are sourced from the Internet. This set of slides is for teaching purpose only. HKU SPACE CC CN Lecture 08 23/23