Survey
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
L0. Introduction Rocky K. C. Chang, January 2013 The Internet is inherently insecure. Internet backbone infrastructure: DoS, worm Routing protocols (BGP): route hijacking DNS: poisoning, DoS Core Internet protocols (e.g., IP, TCP/UDP, HTTP): eavesdropping, modification, authentication LAN security: eavesdropping, modification, authentication Host security (e.g., Web servers, database): DoS, authentication, phishing, malicious software implant, identity and data theft, data exfiltration, etc. 2 Rocky K. C. Chang Internet security is inherently complex. A packet goes through many hops and links. Involve from the physical layer and up. Complexity in software and protocols Physical layer security Network security System security Application security Software ages Some protocol fields are never tested. The weakest link The human factor The success of Internet makes things worse. Security verses privacy (anonymity) How to measure security? 3 Rocky K. C. Chang Internet security is more than cryptography. Cryptography is not the solution to many security problems, e.g., software exploit, DoS. The vulnerability could come from the implementations of the cryptographic algorithms. Cryptography affects performance. Ease of use 4 Rocky K. C. Chang Security involves Threats: potential violation of security Policies Security policies: trust and access control Confidentiality policies: The Bell-LaPadula model Integrity policies: Clark-Wilson integrity model Hybrid policies: Chinese Wall models Design and implementation Identity representation, access control lists, information flow, etc Encryption and key management Authentication (human, user account, machine, service) 5 Rocky K. C. Chang Security involves How to ascertain how well a system meets its security goals? Assurance, system evaluation (TCSEC) Miscellaneous, e.g., Viruses, worms, software security Auditing Intrusion detection System security Network security User security 6 Rocky K. C. Chang This course is not about Cryptography, the art of secret writing, Writing computer viruses and worms, Special techniques of attacking and defending, The lower layer security measures, System security, Biometrics, Application-specific security … 7 Rocky K. C. Chang This course is about Understand the 3 fundamental cryptographic functions used in network security. Understand the issues involved when applying the cryptographic functions to the network protocols. Understand the main elements in securing today’s Internet infrastructure. Exposed to some current Internet security problems. 8 Rocky K. C. Chang Purposes of network security Confidentiality (or secrecy): Prevent others from reading information shared between two participants. Authentication: Verify someone’s or something’s identity. Message integrity: Assure that the message received has not be altered since it was generated by a legitimate source. Nonrepudiation: A sender should not be able to falsely deny later that he sent a message. Legitimate (and authorized) usage: Ensure that the network and system resources are properly utilized. 9 Rocky K. C. Chang Possible threats Obtaining information for … Modifying information for … Legitimate usage, message integrity Contracted for … Legitimate usage, message integrity Testing for … Secrecy, legitimate usage, message integrity Revenge for … Nonrepudiation Backmail for … Secrecy, authentication, legitimate usage Lying electronically for … Authentication, message integrity Stealing information for … Secrecy, authentication Secrecy, authentication, legitimate usage, message integrity Fun for … Secrecy, authentication, legitimate usage, message integrity 10 Rocky K. C. Chang The goals of security Prevention: Detection: Message authentication, nonrepudiation, and legitimate usage Active and passive countermeasures Recovery: Confidentiality, source authentication, nonrepudiation, and legitimate usage Active countermeasures Legitimate usage Rely on the detection. Traceback: Locate the actual attack source(s). 11 Rocky K. C. Chang Scope of considerations Two cases The secrecy, message integrity, authentication, and nonrepudiation services are provided by some cryptographic functions. Denial-of-service, worms, viruses, etc Scope: Concern mainly communication between two parties (group communication security is another important topic). Concern attacks against protocols, not those against cryptographic algorithms or cryptographic techniques used to implement the algorithms. 12 Rocky K. C. Chang Cryptography Plaintext (encryption) ciphertext Ciphertext (decryption) plaintext What is the secret? The cryptographic algorithm (restricted algorithm) The cryptographic algorithm is not a secret, but the key is. Level of security the length of the key the time of discovering the key using brute force The security problem is reduced to the securing of the key. 13 Rocky K. C. Chang Types of attacks Passive attacks (eavesdropping), e.g., ciphertext-only attacks (recognizable plaintext attacks) known-plaintext attacks Fred has obtained some <plaintext, ciphertext> pairs. chosen-plaintext attacks Fred has seen some ciphertext. Fred can choose any plaintext he wants. Active attacks, e.g., pretend to be someone else introduce new messages in the protocol delete existing messages substituting one message for another replay old messages 14 Rocky K. C. Chang Three cryptographic functions Hash functions: require 0 key Secret key functions: require 1 key Public key functions: require 2 keys Secret key functions Secrecy service Public key functions Authentication service Hash functions Message integrity service Nonrepudiation service 15 Rocky K. C. Chang Secret key (symmetric) cryptography Given: Encryption and decryption using the key. Alice and Bob agree on a secret key cryptosystem. Alice and Bob agree on a key (secret) K. Alice encrypts M with K: K{M} Bob decrypts K{M} with K M Problems: Keys must be distributed in secret. Compromising keys means compromising all aspects of security. The number of keys is not scalable to the user population size. 16 Rocky K. C. Chang Usages of the secret key cryptography Transmitting over an insecure channel Secure storage on insecure media Authentication: Challenge-response authentication with shared secret Alice Bob rA rA encrypted with K rB rB encrypted with K Message integrity check 17 Rocky K. C. Chang Public key (asymmetric) cryptography Given: Encryption using the public key and decryption using the private key. Alice and Bob agree on a public key cryptosystem. Alice owns a pair of public key and private key, and Bob knows Alice’s public key, which is not a secret. Alice encrypts M with Bob’s public key: {M}Bob Bob decrypts {M}Bob with its private key M Generate a digital signature on a message: Alice signs M with its private key: [M]Alice. Bob verifies Alice’s signature on [M]Alice with Alice’s public key. 18 Rocky K. C. Chang Usages of the public key cryptography Problems: Public-key algorithms are slow. Secret key algorithms are at least 1,000 times faster. Obtain the public key reliably. Usages: Transmitting over an insecure channel Secure storage on insecure media (difference as compared with the secret key cryptography?) Authentication: Alice Bob r encrypted with Bob’s public key decrypted with Bob’s private key Nonrepudiation with the digital signatures. 19 Rocky K. C. Chang Hash functions A hash (message digest or one-way function) produces a short, fixed-sized output h(m) for a message m. Properties: One-way functions are relatively easy to compute, i.e., given x and compute h(x). However, given h(x), it is significantly harder to compute x. It is computationally infeasible to find two inputs that hash to the same value. 20 Rocky K. C. Chang Usages of hash functions Password hashing Message integrity Keyed hash: compute h(message | key) and send the result with the message. Message fingerprinting Downline load security Digital signature efficiency 21 Rocky K. C. Chang Securing the Internet IP Security (IPSec) TCP and UDP insecurity SSL/TLS DNS security Firewalls DoS attacks and the countermeasures Buffer overflow attacks and the countermeasures Wireless LAN security 22 Rocky K. C. Chang Acknowledgments This set of notes is based on C. Kaufman, R. Perlman, and M. Speciner, Network Security: Private Communication in Public World, Second Edition, Prentice Hall PTR, 2002. L. Peterson and B. Davie, Computer Networks: A Systems Approach, Morgan Kaufmann, 2000. B. Schneier. Applied Cryptography, Second Edition, Wiley, 1996. M. Bishop, Introduction to Computer Security, Addison Wesley, 2005. 23 Rocky K. C. Chang