2001 prentice hall, inc. all rights reserved. 1 chapter 6, security outline 6.1 introduction...

2001 Prentice Hall, Inc. All rights reserved.

1

Chapter 6, Security

Outline6.1 Introduction6.2 Ancient Ciphers to Modern Cryptosystems6.3 Secret-key Cryptography6.4 Public-key Cryptography6.5 Cryptanalysis6.6 Key Agreement Protocols6.7 Key Management6.8 Digital Signatures6.9 Public-key Infrastructure, Certificates and Certification Authorities

6.9.1 Smart Cards6.9.2 Wireless PKI (WPKI)

6.10 Security Protocols6.10.1 Security Sockets Layer (SSL)6.10.2 WTLS6.10.3 IPSec and Virtual Private Networks (VPN)6.10.4 802.11 Wireless LAN Security


2

Chapter 6, Security

Outline6.11 Authentication

6.11.1 Keberos6.11.2 Biometrics6.11.3 Single Sign-On

6.12 Security Attacks6.12.1 Denial-of-Service (DoS) Attacks6.12.2 Viruses and Worms6.12.3 Wireless Attacks

6.12.4 Software Exploitation, Web Defacing and Cybercrime6.13 Network Security

6.12.1 Firewalls6.12.2 Intrusion Detection Systems

6.13 Steganography6.14 Internet and World Wide Web Resources


3

6.1 Introduction

• Need for Internet security– Consumers buying products, trading stocks and banking

online

– Credit-card, social security and confidential business information exchanged

– Security attacks• Data theft and hacker attacks

• Wireless transmissions easier to intercept

• Secure transaction fundamentals– Privacy: no third party

– Integrity: information unaltered

– Authentication: proving identities

– Non-repudiation: legal proof of message received


4

6.1 Introduction

• Availability– Network stays in operation continuously and are becoming

wireless

• 4 main security issues– Privacy

– Integrity

– Authentication

– Non-repudiation


5

6.2 Ancient Ciphers to Modern Cryptosystems

• Cryptography– Cipher/cryptosystem (algorithm) encrypts message

• Plaintext: unencrypted data

• Ciphertext: encrypted data

– Key: used by sender and receiver to encrypt and decrypt message

• Ancient Ciphers– Substitution ciphers: given letter replaced by different letter

– Transposition ciphers: letter ordering shifted

– Restricted algorithms: security relies on keeping encryption algorithm secret


6

6.2 Ancient Ciphers to Modern Cryptosystems

• Digital cryptosystems– Algorithms based on bits/blocks of binary string (computer

data)

– Key length: stronger encryption for longer keys

– US government used to limit key length of exported cryptosystems

• Regulations now less stringent


7

6.3 Secret-key Cryptography

• Symmetric/secret-key cryptography– Same key encrypts and decrypts message

– Disadvantages• Need secure method to transfer key

• No authentication because same key used on both ends

• Sender needs separate secret key for each receiver

– Key distribution center (KDC) • Shares secret key with users in network

• Encrypts session key with secret keys to sender and receiver

• Session key used for transaction

• New keys and less couriers for transactions, but security depends on security on KDC


8

6.3 Secret-key Cryptography

• Data Encryption Standard (DES)– Uses block cipher: creates bit groups from message and

applies algorithm to whole block

– DES standard set by American National Standards Institute (ANSI) for years, no loner considered secure

• DES Cracker Machines developed to crack DES code

• Triple DES (3DES) replaced DES– Three DES systems in row with unique secret key

• Advanced Encryption Standard (AES) is new standard– Nation Institute of Standards and Technology (NIST)

currently evaluating Rijndael for AES


9

6.4 Public-key Cryptography

• Public-key Cryptography– Uses public-key (distributed) and private-key (kept secret)

– Public-key decrypts private-key and vice-versa

– Computationally infeasible to deduce private-key from public-key

– Authentication• If receiver’s public-key and sender’s private key are both used,

both parties are authenticated

• RSA: most common public-key algorithm– Used by most Fortune 1000 and e-commerce businesses

• Pretty Good Privacy (PGP)– Encrypts e-mails and files using “web of trust”


10

6.5 Cryptanalysis

• Even if keys are secret, it is possible to compromise the security of a system

• Cryptanalysis: trying to decrypt ciphertext without knowledge of the decryption key– Cryptanalytic attacks

• Attacks can be reduced if proper key management structures are in place and keys use expiration dates


11

6.6 Key Agreement Protocols

• Public-key algorithms not efficient for large amounts of data– Large computing power requirements slow communication

• Key Agreement Protocol– Two parties exchange keys over unsecure medium

– Digital envelope: symmetric secret key encrypted using public-key encryption


12

6.7 Key Management

• Secrecy of private keys crucial to system security– Poor key management: mishandling of private keys

– Key generation: process by which keys created• Should be as random as possible

– Brute-force cracking: decrypting message using every possible decryption key


13

6.8 Digital Signatures

• Digital signatures: provide authentication and integrity in public-key cryptography– Hash function: calculation assigns hash value to message

– Chance of collision: two messages with same hash value is statistically insignificant

– Digital signature, hash function and encrypted message sent to receiver

• Message integrity: recalculated message hash value matches that sent in signature, verifies integrity

– Timestamping: solves non-repudiation problem• Executed by timestamping agency who only sees encrypted

message

– Digital Signature Algorithm: standard for digital signatures


14

6.9 Public-key Infrastructure, Certificates and Certification Authorities

• Public-key Infrastructure– Integrates public-key cryptography with digital certificates

and certification authorities (CA’s)• Digital certificate: identifies user, issued by certification

authority (such as VeriSign)

• Digital certificates stored in certificate repositories

– Certificate authority hierarchy• Root certification authority, the Internet Policy Registration

Authority (IPRA), signs certificates for policy creation authorities who set policies for obtaining digital certificates

• Policy creation authorities sign for CA’s who sign for individuals and organizations

• Signings use public-key cryptography


15


• Changing keys necessary for maintaining security– Digital certificates have expiration dates

– Canceled and revoked certificates placed on certificate revocation list (CRL)

• Ensuring authenticity– Check certificate with CRL (inconvenient)

– Online Certificate Status Protocol (OCSP) validates certificates in real-time

• PKI and digital certificate transactions are more secure than phone line, mail or even credit-card transactions


16


A portion of the VeriSign digital certificate. (Courtesy of Verisign, Inc.)


17

6.9.1 Smart Cards

• Smart card– Types

• Memory cards: store information

• Microprocessor: operating system, security and storage

– Interfaces for reading devices• Contact interface: physical contact with reading device

• Contactless interface: data transferred without contact

– Security• Cards store keys, certificates and information for PKI

• Used with personal information number (PIN) to increase security

• Can be used for authentication


18

6.9.1 Smart Cards

• Wireless Identity Module (WIM)– Security for certificates, PIN codes, keys and digital

signatures

– WIM includes all necessary PKI algorithms on card itself


19

6.9.2 Wireless PKI (WPKI)

• Wireless PKI (WPKI)– Authenticates with certificates and encrypts with public-key

cryptography

– Many e-businesses use WPKI

– WPKI keys stored on smart cards

• Certicom’s Trustpoint– MobileTrust Certificate Authority

– Certificate registration through PKI portal software• Certificates issued with elliptic curve cryptography

– Trustpoint Client Software: communicate directly with CA


20

6.10 Security Protocols

• Protocol types– Secure Sockets Layer (SSL) and Internet Protocol Security

(IPSec)

– Network security protocols: protect network communications

– Application-layer protocols: security for specific applications

• Wireless transaction protocols– Wireless Transport Security Layer (WTLS)

– Wired Equivalent Privacy (WEP)


21

6.10.1 Secure Sockets Layer (SSL)

• Security Sockets Layer (SSL) protocol– Secures World Wide Web communications/connections

– Operates between Internet’s TCP/IP protocol and application software

• Transmission Control Protocol/Internet Protocol (TCP/IP) protocols– IP routes information packets from sender

• Destination determined by IP number

– TCP ensures all packets are received and in order• TCP passes message to socket which translates message


22

6.10.1 Secure Sockets Layer (SSL)

• Public-key technology used to protect information– Communication by session keys and digital certificates

– TCP/IP runs own set of encryption/decryption procedures

– Private information not protected once on merchant server

• Authentication– SSL can authenticate server, client, neither or both

– Usually, only server authenticated

• Peripheral component interconnect (PCI) card– Secures data for entire SSL transaction


23

6.10.2 WTLS

• Wireless Transport Layer Security– Encrypts data between wireless device and WAP gateway

• At WAP gateway, messages decrypted from WTLS and encrypted into SSL

• WAP gap: milliseconds of decryption between WTLS and SSL

– WTLS tunneling• Eliminates WAP gap

• Instead of switching to SSL, 128-bit WTLS key encrypts data for rest of transaction

• Secure Enterprise Proxy: WTLS tunneling used by phone.com

• Dynamic Proxy Navigation (DPN)– Future wireless security protocol


24

6.10.3 IPSec and Virtual Private Networks (VPN)

• Networks– Local area networks (LANs): connect computers in close

proximity

– Wide area networks (WANs): connect computers in multiple locations through telephone lines and radio waves

– Virtual private networks (VPNs): link multiple networks and wireless users

• Use existing Internet infrastructure

• Internet Protocol Security (IPSec)– Secures data privacy and integrity in VPN tunnels

– Uses public-key and symmetric-key cryptography

– Information sent over IP• IP spoofing: unauthorized access by IP emulation


25

6.10.3 IPSec and Virtual Private Networks (VPN)

• VPN security features– Authentication Header (AH): verifies sender and data

integrity

– Encapsulating Security Payload (ESP): encrypts data with symmetric key ciphers

– Internet Key Exchange (IKE): protocol determines security restrictions and authenticates encryption keys

– VPN security difficult to manage


26

6.10.4 802.11 Wireless LAN Security

• Wireless Equivalent Privacy (WEP)– Security protocol for 802.11 wireless LANs

• Wireless LAN: radio-wave network covering small area

• WEP provides integrity checking and data encryption

– WEP transmission flaws• Encryption weaknesses: small initialization vector for key

generation

• Wireless access points (base stations) share keys

– More of same key, easier to crack system


27


• Cisco Aironet 350 series: secures WLANs– Remote Authentication Dial-In User Service: Device

authentication and key management

– Larger encryption engine than WEP

– Lightweight Extensible Authentication Protocol (LEAP): creates new encryption keys for new user logons

• Lowers risk of IV collision (two devices with same secret key)

• IEEE plans to establish Enhanced Security Network (ESN) which will implement 128-bit Advanced Encryption Standard (AES)


28


• Radicchio– Founded to develop standard platform for secure, global m-

commerce

– Divisions• Biometrics

• E-business and e-banking

• Legal and regulatory

• Security and mobile devices

– Actively promotes standards


29

6.11 Authentication

• Authentication technologies – Kerberos

– Biometrics

– Single sign-on


30

6.11.1 Kerberos

• Firewalls do not protect against internal threats• Kerberos:

– uses symmetric secret-key cryptography for authentication and integrity

– Ticket Granting Service: similar to key distribution center

– Using the system• Client logs into server

• TGS returns ticket-granting ticket (TGT) encrypted with client’s secret key

• Only client can decrypt message, authentication

• Client returns decrypted message

• TGS grants service ticket with expiration time


31

6.11.2 Biometrics

• Biometrics– Identification through fingerprint, iris scan or face scan

– Biometric Application Programming Interface: in future Windows versions

– Two-factor authentication: two means for authentication • Biometrics and a smart card

• Wireless biometrics– Keyware Inc.: stores voiceprints on central server

• Also layered biometric verification: face, finger and voice ID simultaneously

– Identix Inc.: fingerprint scanning on handheld device

– Memory and cost impede wireless biometrics production

– Biometrics raises privacy issues: personal info on databases


32

6.11.3 Single Sign-On

• Remembering multiple passwords for different machines can be difficult

• Single Sign-On: allows users to login once with a single password to multiple machines.

• Single Sign-On services– workstation log on scripts

– authentication server scripts

– tokens


33

6.12 Security Attacks

• Denial-of-service attacks• Viruses and worms• Wireless attacks• Software Exploitation, Web Defacing and

Cybercrime


34

6.12.1 Denial-of-Service (DoS) Attacks

• Flooding servers with data packets– Networked computers crash or disconnect

– Networks resources expended restricting access of legitimate users

• Routing table attack– Routing table: provide directions for network’s data

– When routing tables modified, network disabled

• Distributed denial-of-service attack– Multiple computers flood server

• Hackers– Those responsible for viruses and denial-of-service attacks


35

6.12.2 Viruses and Worms

• Viruses– Code attaches to/overwrites other programs for replication

– Viruses can corrupt files and wipe out hard drives

– Spread by sharing infected embedded files

– Virus classes• Transient virus: activated only when attached program is run

• Resident virus: once loaded, operates for computer use

• Logic bomb: triggers when condition met (time, event, etc…)

• Trojan horse: malicious program that simulates identity of legitimate program

• Backdoor program: resident viruses that give sender complete access to computer resources

– Famous viruses: Melissa and ILOVEYOU


36

6.12.2 Viruses and Worms

• Worms– Similar to viruses, but spread by themselves

• Do not need program attachment

• McAfee antivirus utilities– For continuous and non-continuous connections and wireless

users• VirusScan®: for non-continuous connections

• McAfee.com clinic: network and continuous connections – scans files and programs and checks for virus updates


37

6.12.3 Wireless Attacks

• Experts predict many viruses and worms will spread to cell phones in the future

• Wireless attacks– Liberty Trojan Horse virus infected Palm

– Phage virus also infected Palm• Activated during infrared transmissions

– Wireless devices lack memory to run most anti-virus programs

• Scripting languages used to create some viruses


38

6.11.3 Wireless Attacks

• Weaknesses in GSM– Doesn’t include encryption capabilities in default settings

– GSM base stations not authenticated• Man-in-the-middle attack with phony base station possible


39

6.12.4 Software Exploitation, Web Defacing and Cybercrime

• Cybercrimes– Software exploitation of program vulnerabilities

• Buffer overflow: program overwhelmed with more data than space allocated

– Web defacing: hackers illegally enter web site and change contents

• Company protective measures– Security policy: protects data and network

– Organizations should assess vulnerability

• Government actions– Nation Information Infrastructure Protection Act of 1996

• Denial-of-service attacks and virus distribution are federal crimes


40

6.13 Network Security

• Network security– Allow authorized users and prevent unauthorized users

access to the network

– Security and performance are inversely related

– Security options• Firewalls

• Intrusion detection systems

• Wireless network security


41

6.13.1 Firewalls

• Firewall: protects LAN from outside intruders– Can prohibit all data not allowed

– Can allow all data not prohibited

• Firewall types– Packet-filtering firewalls: rejects data from outside LAN that

has local network address (hacker who has stolen address)

– Application-level firewalls: screens data sent into LAN

• Firewall most effective security for small network• Air gap technology: complements firewall

– Separates internal from external network

– Restricts systems back office to external users

– E-Gap system: file inspection, no OS in memory bank


42

6.13.1 Firewalls

• System Administration, Networking, and Security (SANS) Institute – Research and education concerning security and certification

programs/publications

– Roadmap to Security Tools and Services Poster: • Resource of security information

– Sans Information Security Reading Room

– SANS offers three free newsletters

– Global Incident Analysis Center (GIAC)• Records and analyses attacks


43

6.13.2 Intrusion Detection Systems

• Intrusion Detection Systems– Host-based intrusion detection: monitors system and

application log files

– Network-based: monitors traffic

• Operationally Critical Threat, Asset and Vulnerability Evaluation (OCTAVE)– Identifies important information, sets security levels

– Examines system’s weaknesses

– Develops security strategy


44

6.14 Steganography

• Steganography: hiding information within other information– Digital watermark: mark indicating ownership of document

– Watermarking for digital audio• Data (licensing information) embedded in song

• Windows media will not play invalid files

– Giovanni digital watermarking• Cryptographic keys embed digital watermarks into music and

images


45

6.14 Steganography

Example of a conventional watermark.(Courtesy of Blue Spike, Inc.)

An example of steganography: Blue Spike’sGiovanni digital watermarking process.

(Courtesy of Blue Spike, Inc.)

2001 prentice hall, inc. all rights reserved. 1 chapter 6, security outline 6.1 introduction...

Documents

key management

publickey cryptography

separate secret key

network security

encrypted data key

security protocols

receiver session key

security outline