Survey
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Information and Network Security Rudra Dutta CSC 401- Fall 2011, Section 001 Network Security Based on concepts of information security – – Complementary to: physical security of networks and endpoints Also related to: human security Comparatively recent concern with security in networks Various “attackers” or “malcontents” at various levels of seriousness, frequency, ability Overarching goal – no single place (many vulnerabilities) No such thing as 100% security Copyright Rudra Dutta, NCSU, Fall 2011 2 Components of Study Basic concerns – – Fundamental tools – Signatures, certifications, … Protocols / architectures – Cryptography Building blocks – Confidentiality, authentication, non-repudiation, integrity Availability, authorization IPSec, firewall, VPN, PGP, SSL, Shibboleth … Emerging trend: trust management Copyright Rudra Dutta, NCSU, Fall 2011 3 Security Concerns Confidentiality (Secrecy, Privacy) – – Authentication – Message received same as message sent Availability – Inability to claim innocence of past action Integrity – Confidence in recognizing trusted or known entity Non-repudiation – Nobody but intended recipient should know content “Person-in-the-middle” possibility in networks Infrastructure / resource available to genuine use Authorization – Policy form of confidentiality Copyright Rudra Dutta, NCSU, Fall 2011 4 Cryptography DK ( EK ( P ) ) = P (symmetric-key) “Algorithm is public, only keys are secret” Attacks: (i) ciphertext-only, (ii) known-plaintext, (iii) chosen-plaintext Copyright Rudra Dutta, NCSU, Fall 2011 5 Ciphers as Transformation Simple substitution cipher – Fundamental principles: – – More advanced ones possible Messages must contain some redundancy Some method is needed to foil replay attacks The first implies that plaintext “space” must be large and sparsely used – can use cryptographic hashes The second shows the need of timestamp or equivalent Ciphering (even efficiently) is only useful if these conditions are first met Copyright Rudra Dutta, NCSU, Fall 2011 6 Data Encryption Standard Copyright Rudra Dutta, NCSU, Fall 2011 A comparatively older and simpler symmetric key cipher Each stage uses a different 48-bit key derived from the main 56-bit key Li-1 is transformed to 48 bits, bitXOR’d with key, mapped back into 32 bits 7 Other Ciphers Some common symmetric-key cryptographic algorithms Copyright Rudra Dutta, NCSU, Fall 2011 8 Public Key Cryptography Weak point: key distribution – – Keys have to be distributed, yet kept secret Once a key is compromised, worse than useless Solution: asymmetric keys – – Encryption and decryption use different keys which are not trivially related to each other Diffie-Hellman, 1976 D ( E ( P )) = P Exceedingly difficult to deduce D from E E cannot be broken by chosen-plaintext attack E(.) can be made public – D(.) is never distributed “public key cryptography” Copyright Rudra Dutta, NCSU, Fall 2011 9 RSA (Rivest, Shamir, Adleman) Choose two large primes, p and q (e.g. 3 and 11) 2. Compute n = p × q and z = ( p − 1) × (q − 1) 3. Choose number relatively prime to z – call it d (7) 4. Find e such that e × d = 1 mod z (3) E(.) : C = Pe (mod n) D(.) : P = Cd (mod n) 1. Copyright Rudra Dutta, NCSU, Fall 2011 10 Tools: Digital Signatures Required Conditions: Receiver can verify claimed identity of sender. 2. Sender cannot later repudiate contents of message. 3. Receiver cannot have concocted message himself. 1. Copyright Rudra Dutta, NCSU, Fall 2011 11 Message Digests (Cryptographic Hash) Message Digest (e.g. MD5) properties 1. Given P, easy to compute MD(P). 2. Given MD(P), effectively impossible to find P. 3. Given P no one can find P′ such that MD(P′) = MD(P). 4. Change to input of even 1 bit produces very different output. Message digests can form Digital signatures (However, vulnerable to birthday attack) Copyright Rudra Dutta, NCSU, Fall 2011 12 Management of Public Keys Trudy can subvert public-key encryption: need certification Copyright Rudra Dutta, NCSU, Fall 2011 13 Achieving Security in Networks IPSec – Security in IP layer between endpoints Firewalls – policing at gateways VPNs – Multipoint-to-multipoint secure community over insecure Internet Kerberos etc. – authentication over insecure Internet PGP etc. – Security between application endpoints DNSSec – Securing DNS transactions TLS / SSL – API to encapsulate process-toprocess (client-server) security Copyright Rudra Dutta, NCSU, Fall 2011 14 IP Security Multiple services, separate – – – Security Association – – End-to-end context, unidirectional, security identifier Allows use of IPSec at different granularities Transport mode – – – Secrecy, Integrity, Replay protection Based on symmetric keys Pluggable algorithm modules IPSec header Inserted after IP header Integrity, authentication, replay attacks with AH Origin (integrity, authentication), secrecy, replay with ESP Tunnel mode – IP packet encapsulated in new IP packet, ESP – Integrity, authentication, secrecy, replay Copyright Rudra Dutta, NCSU, Fall 2011 15 Key Management Shared keys Distribution (sharing) of keys outside SA ISAKMP framework – Manual pre-configuration – Internet Key Exchange v2 protocol – DNS as key distributor – Others … When two IP endpoints want to setup a SA, they already have a shared key / have a way to share a key Copyright Rudra Dutta, NCSU, Fall 2011 16 IPsec AH Identifier Detect replay attacks Hashed Message Authentication Code Signature computed using shared key Transport mode only – Authentication Header – In IPv6, used as extension header In IP header, Protocol is 51 for IPSec Copyright Rudra Dutta, NCSU, Fall 2011 17 IPsec ESP Header contains security identifier and sequence number Originally, secrecy only (not integrity) Later extended by adding authentication signature Eventually likely to phase out AH Copyright Rudra Dutta, NCSU, Fall 2011 18 Firewalls Packet filtering gateways – Can filter by ports, or any other field DMZ or Perimeter Networks can complement Stateless, stateful, application-level gateways Should form component of overall security picture Copyright Rudra Dutta, NCSU, Fall 2011 19 Virtual Private Networks Create virtual circuits between gateways of each physical network of an organization – – Actually, not virtual circuits but SA tunnels Firewalls as well as gateways Intermediate routers can transport but not compromise – May provide MPLS tunnels (with bandwidth provisions) Copyright Rudra Dutta, NCSU, Fall 2011 20 Kerberos KS: Session key Ticket granting ticket KAB: Service session key Service ticket “Three-headed” scheme Separate user authentication from service authorization Password not transmitted, on public workstation briefly Copyright Rudra Dutta, NCSU, Fall 2011 21 Pretty Good Privacy Random input by Alice Bob confident of P, Alice Only Bob can get KM Like DES RSA used to encrypt small, random words IDEA (much faster) encrypts larger message Copyright Rudra Dutta, NCSU, Fall 2011 22 PGP Message Copyright Rudra Dutta, NCSU, Fall 2011 23 DNS Copyright Rudra Dutta, NCSU, Fall 2011 24 DNS Spoofing Copyright Rudra Dutta, NCSU, Fall 2011 25 Poisoning DNS Basically – force DNS server to query, and send false answer right behind the query Need to first know sequence number – register bogus domain Copyright Rudra Dutta, NCSU, Fall 2011 26 DNSSec DNSSec attempts to provide: – – – DNS replies are Resource Records – – Grouped into sets – RRSets Each DNS zone has public/private key pair – Proof of where the data originated Public key distribution Transaction and request authentication RRSet to be delivered is cryptographically hashed Hash is signed by zone’s private key New RR types to store key, hash, specify algorithm (and others such as validity period) Hashing and signing is offline – at zone Signatures also protect query-response between servers Copyright Rudra Dutta, NCSU, Fall 2011 27 SSL / TLS Encapsulate security for application programs Original SSL proposed by Netscape, later TLS standardized by IETF – TLS is incompatible with SSL – Falls back on SSL, but not earlier than SSL 3.0 Newly generated key to sign and encrypt data for each connection Copyright Rudra Dutta, NCSU, Fall 2011 28 Summary Cryptography and privacy/secrecy of keys used to assure security goals Network security largely still in the stage of shoring up known exploits Understanding of vulnerabilities are still on a case-by-case basis “Encrypt everything” may be both overkill and underkill Significant growth area Copyright Rudra Dutta, NCSU, Fall 2011 29