Network Security Part II: Standards

Similar documents
The Secure Sockets Layer (SSL)

Web Security Considerations

Security Protocols HTTPS/ DNSSEC TLS. Internet (IPSEC) Network (802.1x) Application (HTTP,DNS) Transport (TCP/UDP) Transport (TCP/UDP) Internet (IP)

INF3510 Information Security University of Oslo Spring Lecture 9 Communication Security. Audun Jøsang

CS 356 Lecture 27 Internet Security Protocols. Spring 2013

Secure Socket Layer/ Transport Layer Security (SSL/TLS)

Network Security [2] Plain text Encryption algorithm Public and private key pair Cipher text Decryption algorithm. See next slide

Transport Level Security

Communication Systems SSL

Communication Systems 16 th lecture. Chair of Communication Systems Department of Applied Sciences University of Freiburg 2009

Chapter 7 Transport-Level Security

Authentication applications Kerberos X.509 Authentication services E mail security IP security Web security

Network Security Essentials Chapter 5

APNIC elearning: IPSec Basics. Contact: esec03_v1.0

Communication Security for Applications

CSC Network Security

CSC 474 Information Systems Security

Outline. INF3510 Information Security. Lecture 10: Communications Security. Communication Security Analogy. Network Security Concepts

Lecture 10: Communications Security

CSCI 454/554 Computer and Network Security. Topic 8.1 IPsec

3.2: Transport Layer: SSL/TLS Secure Socket Layer (SSL) Transport Layer Security (TLS) Protocol

Real-Time Communication Security: SSL/TLS. Guevara Noubir CSU610

Security in IPv6. Basic Security Requirements and Techniques. Confidentiality. Integrity

How To Understand And Understand The Ssl Protocol ( And Its Security Features (Protocol)

Secure Socket Layer (SSL) and Transport Layer Security (TLS)

Securing IP Networks with Implementation of IPv6

Transport Layer Security Protocols

WEB Security & SET. Outline. Web Security Considerations. Web Security Considerations. Secure Socket Layer (SSL) and Transport Layer Security (TLS)

IP Security. Ola Flygt Växjö University, Sweden

Other VPNs TLS/SSL, PPTP, L2TP. Advanced Computer Networks SS2005 Jürgen Häuselhofer

Security. Contents. S Wireless Personal, Local, Metropolitan, and Wide Area Networks 1

Secure Socket Layer. Security Threat Classifications

Virtual Private Networks

Chapter 32 Internet Security

Security in Computer Networks

Chapter 10. Network Security

Overview of SSL. Outline. CSC/ECE 574 Computer and Network Security. Reminder: What Layer? Protocols. SSL Architecture

SECURE SOCKETS LAYER (SSL) SECURE SOCKETS LAYER (SSL) SSL ARCHITECTURE SSL/TLS DIFFERENCES SSL ARCHITECTURE. INFS 766 Internet Security Protocols

Chapter 17. Transport-Level Security

13 Virtual Private Networks 13.1 Point-to-Point Protocol (PPP) 13.2 Layer 2/3/4 VPNs 13.3 Multi-Protocol Label Switching 13.4 IPsec Transport Mode

Announcement. Final exam: Wed, June 9, 9:30-11:18 Scope: materials after RSA (but you need to know RSA) Open books, open notes. Calculators allowed.

Managing and Securing Computer Networks. Guy Leduc. Chapter 4: Securing TCP. connections. connections. Chapter goals: security in practice:

SSL/TLS. What Layer? History. SSL vs. IPsec. SSL Architecture. SSL Architecture. IT443 Network Security Administration Instructor: Bo Sheng

Network Security. Lecture 3

Computer and Network Security

Security Protocols/Standards

SECURE SOCKETS LAYER (SSL)

7 Network Security. 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework. 7.5 Absolute Security?

Network Security. Abusayeed Saifullah. CS 5600 Computer Networks. These slides are adapted from Kurose and Ross 8-1

TLS and SRTP for Skype Connect. Technical Datasheet

Secure Sockets Layer

Internet Protocol Security IPSec

Security Engineering Part III Network Security. Security Protocols (I): SSL/TLS

Security Engineering Part III Network Security. Security Protocols (II): IPsec

Virtual Private Networks: IPSec vs. SSL

Overview SSL/TLS HTTPS SSH. TLS Protocol Architecture TLS Handshake Protocol TLS Record Protocol. SSH Protocol Architecture SSH Transport Protocol

Internet Security. Internet Security Voice over IP. Introduction. ETSF10 Internet Protocols ETSF10 Internet Protocols 2011

Lecture 9 - Network Security TDTS (ht1)

Chapter 9. IP Secure

INTERNET SECURITY: FIREWALLS AND BEYOND. Mehernosh H. Amroli

Overview. SSL Cryptography Overview CHAPTER 1

Part III-b. Universität Klagenfurt - IWAS Multimedia Kommunikation (VK) M. Euchner; Mai Siemens AG 2001, ICN M NT

Lecture 17 - Network Security

Netzwerksicherheit: Anwendungen

T Cryptography and Data Security

Outline. Transport Layer Security (TLS) Security Protocols (bmevihim132)

ETSF10 Part 3 Lect 2

Cryptography and Network Security Sicurezza delle reti e dei sistemi informatici SSL/TSL

Secure Socket Layer (SSL) and Trnasport Layer Security (TLS)

Computer Networks. Secure Systems

Security Protocols and Infrastructures. h_da, Winter Term 2011/2012

Cryptography and Network Security IPSEC

SSL Secure Socket Layer

IPSec and SSL Virtual Private Networks

Site to Site Virtual Private Networks (VPNs):

Laboratory Exercises V: IP Security Protocol (IPSec)

CS 4803 Computer and Network Security

, SNMP, Securing the Web: SSL

HTTPS: Transport-Layer Security (TLS), aka Secure Sockets Layer (SSL)

Protocol Security Where?

Overview. Securing TCP/IP. Introduction to TCP/IP (cont d) Introduction to TCP/IP

Security. Learning Objectives. This module will help you...

VPN Modules for Cisco 1841 and Cisco 2800 and 3800 Series Integrated Services Routers

Internet Security Architecture

Secure Socket Layer. Carlo U. Nicola, SGI FHNW With extracts from publications of : William Stallings.

Chapter 8. Cryptography Symmetric-Key Algorithms. Digital Signatures Management of Public Keys Communication Security Authentication Protocols

Software Engineering 4C03 Research Project. An Overview of Secure Transmission on the World Wide Web. Sean MacDonald

Lecture 10: Network Security Protocols

Chapter 5: Network Layer Security

As enterprises conduct more and more

Security vulnerabilities in the Internet and possible solutions

SSL Handshake Analysis

SSL Secure Socket Layer

Using etoken for SSL Web Authentication. SSL V3.0 Overview

Chapter 8 Network Security. Slides adapted from the book and Tomas Olovsson

IPsec Details 1 / 43. IPsec Details

TLS/SSL in distributed systems. Eugen Babinciuc

Virtual Private Network VPN IPSec Testing: Functionality Interoperability and Performance

Protocol Rollback and Network Security

Lecture 7: Transport Level Security SSL/TLS. Course Admin

Transcription:

Network Security Part II: Standards Raj Jain Washington University Saint Louis, MO 63131 Jain@cse.wustl.edu These slides are available on-line at: http://www.cse.wustl.edu/~jain/cse473-05/ 18-1

Overview q Secret Key Encryption: q Data encryption standard (DES) q Triple DES (3DES) q Advanced Encryption Standard (AES) q Hashing: q Secure Hash Algorithm 1 (SHA1) q Secure Socket Layer (SSL) q Secure IP (IPSec) 18-2

DES and 3DES q Data Encryption Standard (DES) q 64 bit plain text blocks, 56 bit key q Broken in 1998 by Electronic Frontier Foundation q Triple DES (3DES) q Uses 2 or 3 keys and 3 executions of DES q Effective key length 112 or 168 bit q Block size (64 bit) too small Slow 18-3

Advanced Encryption Standard (AES) q Designed in 1997-2001 by National Institute of Standards and Technology (NIST) q Federal information processing standard (FIPS 197) q Symmetric block cipher, Block length 128 bits q Key lengths 128, 192, and 256 bits 18-4

Plain Text Add round key 1 Substitute Bytes AES (cont) 128b = 16B 4 4 Array Table Lookup 11 12 13 14 21 22 23 24 31 32 33 34 41 42 43 44 Repeat 10 Times Shift Rows Mix columns Add round key i Cipher Text Shift left/right by 0, 1, or 2 Byte ij = fn(byte 1j, byte 2j, byte 3j, byte 4j ) 18-5

AES Encryption Round State Sub Bytes State Shift Rows State Mix Columns State Add Round Key State 18-6

Secure Hash Algorithm 1 (SHA-1) q Data processed in 512 bit blocks 160 bit hash q 1-512 bit Padding + 64 bit length (Data < 2 64 b) Padding Msg Len (1 to 512b) 512b 512b 512b 512b 160b 18-7

SSL and TLS q Secure Socket Layer (SSL) Reliable end-to-end secure service over TCP q Embedded in specific packages, E.g., Netscape and Microsoft Explorer and most Web servers q Transport Layer Security (TLS) defined in RFC 2246 q Minor differences between SSLv3 and TLS q Session = Multiple end-to-end TCP connections q Four Protocols: q Handshake protocol: Exchange shared secret key q Record protocol: Provide end-to-end encryption q Change cipher spec protocol: Updates cipher suite q Alert protocol: Warnings and fatal errors to peer 18-8

SSL Protocol Stack 18-9

SSL Record Protocol Operation Each upper-layer message fragmented 2 14 bytes (16384 bytes) or less Compression optionally applied Compressed message plus MAC encrypted using symmetric encryption Prepend header 18-10

Record Protocol Header Content Major Minor Compressed Type Version Version Length 8b 8b 8b 16b Data q Content Type: change_cipher_spec, alert, handshake, and application_data q Major Version: SSL v3 is 3 q Minor Version: SSLv3 value is 0 q Compressed Length: Maximum 2 14 + 2048 18-11

Change Cipher Spec Protocol q Cause pending state to be copied into current state q Updates cipher suite to be used on this connection q Single message: Single byte value 1 q Uses Record Protocol 18-12

Alert Protocol q Convey SSL-related alerts to peer entity q Two bytes q First byte: warning(1) or fatal(2) : If fatal, SSL immediately terminates connection : Other connections on session may continue : No new connections on session q Second byte indicates specific alert q Example: Incorrect MAC fatal alert 18-13

q Negotiate security parameters Handshake Protocol q Version: Highest SSL version understood by client q Random: 28 bytes from secure random number generator q 32-bit timestamp: Used during key exchange to prevent replay attacks q Session ID: Variable-length q Nonzero update existing connection or create new connection on session q Zero establish new connection on new session q Cipher Suite: Cryptographic algorithms supported q Compression Methods supported 18-14

Client Client Hello Server Hello Certificate Server key Exchange Certificate Request Server Hello Done Certificate Client Key Exchange Certificate verify Change Cypher Spec Finished Change Cipher spec Finished Handshake Protocol Server Phase 1: Exchange Protocol version, session ID, cipher suite, compression method and initial random numbers Phase 2: Certificate Phase 3: Certificate Phase 4: Change to new parameters 18-15

IPSec q Secure IP: A series of proposals from IETF q Separate Authentication and privacy q Authentication Header (AH) ensures data integrity and data origin authentication q Encapsulating Security Protocol (ESP) ensures confidentiality, data origin authentication, connectionless integrity, and anti-replay service IP Original Original AH ESP Header IP Header* Data Encrypted Authenticated * Optional 18-16

IPSec (Cont) q Two Modes: Tunnel mode, Transport mode q Tunnel Mode Original IP header encrypted q Transport mode Original IP header removed. Only transport data encrypted. q Supports a variety of encryption algorithms q Better suited for WAN VPNs (vs Access VPNs) q A reference implementation (Cerberus) IPSec and interoperability tester are available from NIST Cerberus = three headed dog guarding the underworld 18-17

Security Association q One way relationship between sender and receiver q For two way, two associations are required q Three SA identification parameters q Security parameter index q IP destination address q Security protocol identifier 18-18

Authentication Header q Next Header = TCP, UDP, q Payload Length = Length of AH in 32-bit works 2 (for IPv4) =Length of AH in 64-bit works -1 (for IPv6) q SPI = Identifies Security association (0=Local use, 1-255 reserved) q Authentication data = Integrity Check Value 18-19

AH ICV Computation IP Header AH Header [Old IP Header] IP payload ICV coverage The AH ICV is computed over: q IP header fields that are either immutable in transit or that are predictable in value upon arrival at the endpoint for the AH SA, e.g., source address (immutable), destination address with source routing (mutable but predictable) q The AH header (Next Header, Payload Len, Reserved, SPI, Sequence Number, and the Authentication Data (which is set to zero for this computation), and explicit padding bytes (if any)) q The upper level protocol data, which is assumed to be immutable in transit 18-20

ESP Packet q Payload data: IP, TCP, UDP packet q Pad Length in bytes q Next Header: Type of payload (TCP, UDP, ) q Authentication Data: Integrity Check Value over ESP packet 18-21

Summary q DES and 3DES are out. AES is current standard for encryption q SHA-1 is older secure hash function q SSL provides security at the session layer q IPSec provides authentication and/or encryption 18-22

Reading Assignment q Read Chapter 21 of Stallings 7 th edition Read 2402 (AH), RFC 2406 (ESP) 18-23

Homework q Submit answer to Exercise 21.13a in Stallings 7 th edition 18-24

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information