Principles of Network Security




4/22/2013 CSC 257/457 Spring 2013 (Kai Shen)

The Network Security Model
Bob and Alice want to communicate securely. Trudy (the adversary) has access to the channel.
[Figure: Alice (secure sender) and Bob (secure receiver) exchange data and control messages over a channel; Trudy sits on the channel.]

Who might Bob and Alice be?
- Web browser/server for electronic transactions (e.g., on-line purchases/banking)
- DNS servers
- Routers exchanging routing table updates
- well, real-life Bobs and Alices!

What can an adversary do?
- Eavesdrop: understand the content of messages
- Actively change messages
- Impersonation: fake (spoof) identity
- Denial of service: prevent service from being used by others (e.g., by overloading resources)

What is Network Security?
- Confidentiality: only sender, intended receiver should understand contents.
- Authentication: sender, receiver want to confirm identity of each other.
- Message Integrity: sender, receiver want to ensure message not altered (in transit, or afterwards).
- Access and Availability: services must be accessible and available to (and only to) legitimate users.

Outline
- Confidentiality: cryptography
- Authentication
- Integrity
- Key distribution and certification

The Language of Cryptography
First goal of cryptography: confidentiality.
[Figure: plaintext -> encryption with Alice's encryption key K_A -> ciphertext -> decryption with Bob's decryption key K_B -> plaintext]
- Symmetric key crypto: encryption and decryption keys are identical (both are secret).
- Public key crypto: encryption key is public, decryption key is secret.

Symmetric Key Cryptography: Monoalphabetic Cipher
Monoalphabetic cipher: substitute one letter for another.
  plaintext:  abcdefghijklmnopqrstuvwxyz
  ciphertext: mnbvcxzasdfghjklpoiuytrewq
Example:
  plaintext:  bob. i love you. alice
  ciphertext: nkn. s gktc wky. mgsbc
Q1: How hard to break this simple cipher? Brute force? Other?
Q2: How to make it more difficult to break?
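An added example, not from the lecture slides: the cipher above implemented with the slide's substitution alphabet, together with a check of the two questions. The key space is 26! (brute force is hopeless), yet a fixed substitution preserves letter frequencies, which is the real weakness and the reason Q2 matters.

```python
from collections import Counter
import math
import string

PLAIN_ALPHABET = string.ascii_lowercase
CIPHER_ALPHABET = "mnbvcxzasdfghjklpoiuytrewq"   # the slide's substitution key
_ENC = str.maketrans(PLAIN_ALPHABET, CIPHER_ALPHABET)
_DEC = str.maketrans(CIPHER_ALPHABET, PLAIN_ALPHABET)


def encrypt(plaintext: str) -> str:
    """Substitute each lowercase letter; spaces and punctuation pass through."""
    return plaintext.translate(_ENC)


def decrypt(ciphertext: str) -> str:
    """Apply the inverse substitution."""
    return ciphertext.translate(_DEC)


def key_space_size() -> int:
    """Q1, brute force: every permutation of 26 letters is a possible key."""
    return math.factorial(26)


def letter_frequencies(text: str) -> Counter:
    """Letter histogram of a text (letters only)."""
    return Counter(ch for ch in text if ch in PLAIN_ALPHABET)


def frequencies_preserved(plaintext: str) -> bool:
    """Q1, 'other?': a fixed letter-to-letter map only relabels the histogram,
    so the sorted counts of plaintext and ciphertext are identical. That
    leak, not the key-space size, is what makes the cipher weak (Q2)."""
    p = sorted(letter_frequencies(plaintext).values(), reverse=True)
    c = sorted(letter_frequencies(encrypt(plaintext)).values(), reverse=True)
    return p == c


if __name__ == "__main__":
    msg = "bob. i love you. alice"             # the slide's example
    ct = encrypt(msg)
    print(ct)                                   # nkn. s gktc wky. mgsbc
    print(decrypt(ct) == msg)                   # True
    print(f"{key_space_size():.2e} keys")       # 4.03e+26: brute force is hopeless
    print(frequencies_preserved(msg))           # True: letter statistics survive
```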

Symmetric Key Cryptography: DES
DES: Data Encryption Standard
- US encryption standard [NIST 1993]
- 56-bit symmetric key, 64-bit plaintext input
- encryption: initial permutation; 16 rounds, each using a different 48 bits of the key; final permutation
- decryption: reverse operation using the same key
How secure is DES?
- DES Challenge (1999): 56-bit-key encrypted phrase decrypted (brute force) in 22 hours 15 minutes
Making DES more secure:
- use three keys sequentially (3-DES)
- use more key bits

AES: Advanced Encryption Standard
- Newer (Nov. 2001) symmetric key NIST standard, replacing DES
- Processes data in 128-bit blocks
- 128-, 192-, or 256-bit keys
- Brute force decryption (try each key) taking 1 sec on DES takes 149 trillion years for 128-bit AES

Public Key Cryptography
Symmetric key cryptography requires sender, receiver know a shared secret key.
Q: how to agree on the key in the first place? (particularly difficult if Trudy is eavesdropping on all communication)
Public key cryptography:
- encryption key is different from decryption key
- encryption key is public, known to everyone, also called the public key
- decryption key is secret, known only to receiver, also called the private key

Public Key Cryptography
[Figure: plaintext m -> encryption with Bob's public key K_B^+ -> ciphertext K_B^+(m) -> decryption with Bob's private key K_B^- -> plaintext m = K_B^-(K_B^+(m))]
Principle for choosing the public/private key pair: one should not be able to derive the private key from the public key.

Public Key Cryptography: RSA (Ron Rivest, Adi Shamir and Len Adleman)
Choosing keys:
- Choose two large prime numbers p, q (e.g., 1024 bits each).
- Compute n = pq, z = (p-1)(q-1).
- Choose e (with e < n) that has no common factors with z.
- Choose d such that ed - 1 is exactly divisible by z.
- Public key is (n, e). Private key is (n, d).
To encrypt a message m (< n): compute c = m^e mod n.
To decrypt a received ciphertext c: compute m = c^d mod n.
Reason: for any m (relatively prime with n), m^z mod n = 1; therefore m^(ed-1) mod n = 1.
Another property: (m^d mod n)^e mod n = m.
RSA is much slower than the symmetric key cryptos.

Outline
- Confidentiality: cryptography
- Authentication
- Integrity
- Key distribution and certification

Authentication: version 1.0
Authentication: Bob wants Alice to prove her identity to him.
Protocol ap1.0: Alice says "I am Alice".
Failure scenario? Trudy can simply declare herself to be Alice.

Authentication: version 2.0
Protocol ap2.0: Alice says "I am Alice" and sends her secret password to prove it.
Failure scenario? Playback attack: Trudy records Alice's packet and later plays it back to Bob.

Authentication: version 3.0
Goal: avoid the playback attack.
Nonce: a number (R) used only once in a lifetime.
ap3.0: Bob sends Alice a nonce, R. Alice must return R, encrypted with the shared secret key.
[Exchange: Alice -> Bob: "I am Alice"; Bob -> Alice: R; Alice -> Bob: K_A-B(R)]
Bob: only Alice knows the key to encrypt the nonce, so it must be Alice!

Authentication: version 4.0
ap3.0 requires a shared symmetric key. Key distribution can be a problem.
ap4.0: use a nonce and public key cryptography.
[Exchange: Alice -> Bob: "I am Alice"; Bob -> Alice: R; Alice -> Bob: K_A^-(R)]
Bob computes K_A^+(K_A^-(R)) = R and knows only Alice could have the private key that encrypted R such that K_A^+(K_A^-(R)) = R.

Outline
- Confidentiality: cryptography
- Authentication
- Integrity
- Key distribution and certification

Integrity
Digital Signatures: cryptographic technique to ensure document integrity, analogous to hand-written signatures.
- Sender (Bob) digitally signs the document, establishing he is the document owner/creator.
- The recipient (Alice) receives the document and the digital signature.
- The recipient can be sure that the document is
  - verifiable: Bob signed the document.
  - nonforgeable: the document hasn't been changed since Bob signed it.
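An added example, not from the lecture slides, of the ap3.0 exchange with both sides' messages and Bob's side of the nonce bookkeeping. Assumptions: the shared key K_A-B is a constructed 32-byte value, and HMAC-SHA256 stands in for "encrypt the nonce with the shared secret key" (a keyed function Trudy cannot compute without the key); Bob retires every nonce after one use so that a recorded packet played back later is refused.

```python
import hashlib
import hmac
import secrets

K_AB = b"\x01" * 32          # constructed shared secret key K_A-B


def prove(key: bytes, nonce: bytes) -> bytes:
    """Alice's reply K_A-B(R): a keyed tag over Bob's nonce (HMAC stands in
    for encrypting the nonce; Trudy cannot compute it without the key)."""
    return hmac.new(key, nonce, hashlib.sha256).digest()


class Bob:
    """Verifier: tracks the outstanding nonce and every nonce already consumed."""
    def __init__(self, key: bytes):
        self.key = key
        self.outstanding = None
        self.used = set()

    def challenge(self) -> bytes:
        """Bob -> Alice: a fresh 128-bit random nonce R."""
        self.outstanding = secrets.token_bytes(16)
        return self.outstanding

    def verify(self, nonce: bytes, reply: bytes) -> bool:
        """Accept only a reply to the outstanding, never-before-used nonce."""
        if nonce != self.outstanding or nonce in self.used:
            return False                     # stale or replayed nonce
        self.used.add(nonce)                 # retire it: used only once
        self.outstanding = None
        return hmac.compare_digest(prove(self.key, nonce), reply)


def run_protocol(bob: Bob, alice_key: bytes):
    """One ap3.0 run; returns (R, Alice's reply, whether Bob accepted)."""
    r = bob.challenge()                      # Bob -> Alice: R
    reply = prove(alice_key, r)              # Alice -> Bob: K_A-B(R)
    return r, reply, bob.verify(r, reply)


def replay_is_rejected(bob: Bob, old_nonce: bytes, old_reply: bytes) -> bool:
    """The ap2.0 playback: a recorded packet is played back later. Bob has a
    new outstanding nonce and the old one is retired, so it is refused."""
    bob.challenge()
    return not bob.verify(old_nonce, old_reply)


if __name__ == "__main__":
    bob = Bob(K_AB)
    r, reply, accepted = run_protocol(bob, K_AB)
    print(accepted)                           # True
    print(replay_is_rejected(bob, r, reply))  # True
```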

Digital Signatures
Bob signs m by encrypting it with his private key K_B^-, creating a digital signature K_B^-(m).
[Figure: message m ("Dear Alice, Oh, how I have missed you. I think of you all the time! (blah blah blah)") -> public key encryption with Bob's private key K_B^- -> K_B^-(m), m signed (encrypted) with his private key]
Suppose Alice receives msg m and its digital signature K_B^-(m).
Alice applies Bob's public key K_B^+ to K_B^-(m), then checks whether K_B^+(K_B^-(m)) = m.
If so, whoever signed m must have used Bob's private key.
Problem: computationally expensive to public-key encrypt long messages.

Signed Message Digest
Bob sends a digitally signed (small) message digest:
[Figure: large message m -> H: hash function -> H(m) -> digital signature (encrypt) with Bob's private key K_B^- -> encrypted msg digest K_B^-(H(m))]
Alice verifies the signature and integrity of the digitally signed message:
[Figure: large message m -> H: hash function -> H(m); encrypted msg digest K_B^-(H(m)) -> digital signature (decrypt) with Bob's public key K_B^+ -> H(m); equal?]

Message Digests
- Apply a hash function H to m, get a much smaller digest H(m).
- Public key encrypt the digest to generate the digital signature K_B^-(H(m)).
Good/bad hash functions? Hint: given a hash function, it is possible for many messages to share the same digest.
Hash function property: given digest x for m, computationally infeasible to find another m' that shares the same digest.

Internet Checksum: Poor Hash Function for Generating Message Digests
Given a message and its Internet checksum, it is easy to find another message with the same checksum.
  message:           I O U 1 0 0 . 9 9 B O B
  ASCII format:      49 4F 55 31 30 30 2E 39 39 42 D2 42
  Internet checksum: B2 C1 D2 AC
  message:           I O U 9 0 0 . 1 9 B O B
  ASCII format:      49 4F 55 39 30 30 2E 31 39 42 D2 42
  Internet checksum: B2 C1 D2 AC
Different messages but identical checksums!
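An added example, not from the lecture slides, that serves both the RSA slide (keys chosen by the recipe n = pq, z = (p-1)(q-1), e coprime with z, d with ed - 1 divisible by z) and the signed-message-digest slides above. Assumptions: p and q are fixed Mersenne primes rather than fresh 1024-bit primes, so the example runs offline; SHA-256 stands in for the MD5/SHA-1 the slides name; this is textbook RSA without padding, shown for the arithmetic only (deployed systems add padding such as OAEP or PSS).

```python
import hashlib
import math

P = 2**521 - 1          # Mersenne prime, constructed toy parameter (not 1024-bit)
Q = 2**127 - 1          # Mersenne prime, constructed toy parameter

def make_keys(p: int, q: int, e: int = 65537):
    """The slide's recipe: n = pq, z = (p-1)(q-1), e coprime with z, d = e^-1 mod z."""
    n = p * q
    z = (p - 1) * (q - 1)
    if math.gcd(e, z) != 1:                # e must have no common factor with z
        raise ValueError("e is not coprime with z")
    d = pow(e, -1, z)                      # ed - 1 is exactly divisible by z
    return (n, e), (n, d)                  # public key (n, e), private key (n, d)

def encrypt(pub, m: int) -> int:
    """c = m^e mod n, for a message m < n."""
    n, e = pub
    if not 0 <= m < n:
        raise ValueError("message must be smaller than n")
    return pow(m, e, n)

def decrypt(priv, c: int) -> int:
    """m = c^d mod n."""
    n, d = priv
    return pow(c, d, n)

def digest(message: bytes) -> int:
    """H(m) as an integer; a 256-bit digest is far below our ~648-bit n."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")

def sign(priv, message: bytes) -> int:
    """Bob signs the small digest, not the long message: K_B^-(H(m))."""
    n, d = priv
    return pow(digest(message), d, n)

def verify(pub, message: bytes, signature: int) -> bool:
    """Alice applies K_B^+ to the signature and compares with her own H(m)."""
    n, e = pub
    return pow(signature, e, n) == digest(message)

if __name__ == "__main__":
    pub, priv = make_keys(P, Q)
    m = int.from_bytes(b"bob. i love you. alice", "big")
    print(decrypt(priv, encrypt(pub, m)) == m)              # True: K^-(K^+(m)) = m
    print(pow(decrypt(priv, m), pub[1], pub[0]) == m)       # True: (m^d mod n)^e mod n = m
    sig = sign(priv, b"Dear Alice, ...")
    print(verify(pub, b"Dear Alice, ...", sig))             # True
    print(verify(pub, b"Dear Alice, ...!", sig))            # False: the message changed
```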

Good Hash Functions for Generating Message Digests
- MD5: computes a 128-bit digest in a 4-step process; appears difficult to construct m whose MD5 hash is equal to x.
- SHA-1 [NIST, FIPS PUB 180-1]: 160-bit digest.

Outline
- Confidentiality: cryptography
- Authentication
- Integrity
- Key distribution and certification

Key Distribution and Certification
Symmetric key distribution problem: How do Alice and Bob establish a shared secret key over the network without Trudy's knowledge?
Public key distribution problem: When Alice obtains Bob's public key (from web site, e-mail, diskette), how does she know it is Bob's public key, not Trudy's?

Secret Key Distribution: Key Distribution Center (KDC)
KDC: server shares a different secret key with each registered user (many users).
Alice, Bob know their own symmetric keys, K_A-KDC and K_B-KDC, for communicating with the KDC.
[Figure: KDC holding one key per registered user: K_A-KDC, K_B-KDC, K_P-KDC, K_X-KDC, K_Y-KDC, K_Z-KDC]
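An added example, not from the lecture slides, for the Internet checksum collision on the previous page and the collision-resistance property above: the slide's two messages checked with a real 16-bit one's-complement checksum (the value is the RFC 1071 checksum, so it does not match the slide's illustrative figure), next to SHA-256 (an assumption; the slides name MD5 and SHA-1), for which no such easy second message is known.

```python
import hashlib

MSG1 = b"IOU100.99BOB"      # the slide's first message
MSG2 = b"IOU900.19BOB"      # the slide's second message, same checksum

def internet_checksum(data: bytes) -> int:
    """RFC 1071 style: one's-complement sum of 16-bit words, then complemented."""
    if len(data) % 2:
        data += b"\x00"                         # pad odd length
    total = 0
    for i in range(0, len(data), 2):
        total += (data[i] << 8) | data[i + 1]
    while total >> 16:                          # fold carries back in
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def same_checksum(a: bytes, b: bytes) -> bool:
    return internet_checksum(a) == internet_checksum(b)

def same_sha256(a: bytes, b: bytes) -> bool:
    return hashlib.sha256(a).digest() == hashlib.sha256(b).digest()

def word_sum_difference(a: bytes, b: bytes) -> int:
    """The checksum is additive: it only sees the sum of the 16-bit words.
    Swapping '1'/'9' in two word positions adds 8 to one word and subtracts 8
    from another, so the sums (and therefore the checksums) are equal."""
    words = lambda d: [(d[i] << 8) | d[i + 1] for i in range(0, len(d), 2)]
    return sum(words(a)) - sum(words(b))

if __name__ == "__main__":
    print(hex(internet_checksum(MSG1)), hex(internet_checksum(MSG2)))  # 0x7a91 0x7a91
    print(same_checksum(MSG1, MSG2), same_sha256(MSG1, MSG2))          # True False
    print(word_sum_difference(MSG1, MSG2))                             # 0
```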

Key Distribution using KDC
Q: How does the KDC allow Bob and Alice to determine a shared symmetric secret key to communicate with each other?
[Exchange: Alice -> KDC: K_A-KDC(A, B); KDC generates R1; KDC -> Alice: K_A-KDC(R1, K_B-KDC(A, R1)); Alice knows R1; Alice -> Bob: K_B-KDC(A, R1); Bob knows to use R1 to communicate with Alice]
Alice and Bob communicate using R1 as the session key for shared symmetric encryption.

Security Vulnerability with Public Key Distribution
Case example for public-key-based authentication:
[Exchange: Alice -> Bob: "I am Alice"; Bob -> Alice: R; Alice -> Bob: K_A^-(R)]
Bob computes K_A^+(K_A^-(R)) = R and knows only Alice could have the private key that encrypted R such that K_A^+(K_A^-(R)) = R.
What if Bob doesn't know Alice's public key ahead of time?

Security vulnerability when public keys are not well known
Man (woman) in the middle attack: Trudy poses as Alice (to Bob) and as Bob (to Alice).
[Exchange, Alice's side: Alice -> Trudy: "I am Alice"; Trudy -> Alice: R; Alice -> Trudy: K_A^-(R); Trudy -> Alice: "Send me your public key"; Alice -> Trudy: K_A^+; Trudy -> Alice: K_A^+(m); Alice recovers m = K_A^-(K_A^+(m))]
[Exchange, Bob's side: Trudy -> Bob: "I am Alice"; Bob -> Trudy: R; Trudy -> Bob: K_T^-(R); Bob -> Trudy: "Send me your public key"; Trudy -> Bob: K_T^+; Bob -> Trudy: K_T^+(m)]
Trudy gets m = K_T^-(K_T^+(m)) and sends m to Alice encrypted with Alice's public key.

Public Key Distribution: Certification Authorities
Certification authority (CA): trustable by everyone; everyone knows its public key.
- E (person, router) registers its public key with the CA.
- E provides proof of identity to the CA.
- CA creates a certificate binding E to its public key.
- The certificate is a CA-signed document saying "E's public key is K_E^+".
[Figure: Bob's public key K_B^+ and Bob's identifying information -> digital signature (encrypt) with CA private key K_CA^- -> certificate for Bob's public key, signed by CA]

Certification Authorities (cont.)
When Alice wants Bob's public key:
- gets Bob's certificate (from Bob or elsewhere).
- applies the CA's public key to Bob's certificate, gets Bob's public key.
[Figure: certificate -> digital signature (decrypt) with CA public key K_CA^+ -> Bob's public key K_B^+]

Key Certification Methods
- Public key certificate signed by a certification authority.
- Peer certification: if A knows B personally, they can verify each other's public keys using offline means and sign them.
- Certificate chain leading to a certificate authority: CA signs A's public key certificate; A signs B's public key certificate; B signs C's public key certificate.

Summary: Principles of Network Security
Cryptography:
- symmetric keys: protocols? weakness?
- public keys: protocol? weakness?
- Confidentiality: only sender, intended receiver should understand contents
- Authentication: sender, receiver want to confirm identity of each other
- Message Integrity: sender, receiver want to ensure message not altered (in transit, or afterwards)
- Key distribution?

Disclaimer
Parts of the lecture slides contain original work of James Kurose, Larry Peterson, and Keith Ross. The slides are intended for the sole purpose of instruction of computer networks at the University of Rochester. All copyrighted materials belong to their original owner(s).