![Page 1: Chapter 9 Security. Topics Introduction Threats, mechanisms, cryptography Security channel Authentication, integrity, confidentiality Access control Firewall,](https://reader034.vdocuments.us/reader034/viewer/2022042608/56649d605503460f94a41c16/html5/thumbnails/1.jpg)
Chapter 9
Security
Topics
- Introduction
  - Threats, mechanisms, cryptography
- Security channel
  - Authentication, integrity, confidentiality
- Access control
  - Firewall, secure mobile code
- Security management
- Examples
  - Kerberos, E-commerce
What Do We Need to Protect?
- Data
  - Information we keep on computers (product design, financial records, personnel data)
- Resources
  - Unauthorized use of computer time & space
- Reputation
  - Misrepresentation, forgery, negative publicity
Fundamental Security Objectives
- Confidentiality - protection from unauthorized persons
- Integrity - consistency of data; no unauthorized creation, alteration or destruction
- Availability - ensuring access to legitimate users
- Access control - ensuring appropriate use by authorized users
Security Threats
- Interception
  - Unauthorized access to a service or data
  - Eavesdropping
- Interruption
  - Unavailability of service or data
  - Denial of service attack
- Modification
  - Unauthorized changing of data
- Fabrication
  - Adding data or activity that would normally not exist
- Security policy
Examples: Threat
[Figure: a client sends a request to a server and receives a response; attacker actions shown: eavesdropping, replay, denial of service.]
Example: Security Policy
- Chinese Wall Model: widely used in the financial world
- Group datasets into "conflict of interest classes"
- Subjects are allowed access to at most one dataset belonging to each such conflict of interest class
- Subject s can access company c's data only if
  - a) s has already accessed c's data, or
  - b) s has not yet accessed any of c's competitors' data
- s can write to c's data only if s cannot read any other company's sensitive data
- Mandatory security policy for the UK Stock Exchange.
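The read and write rules above, written out as an added Python sketch that is not part of the original slides. The company names and conflict classes are constructed, every dataset is assumed to be sensitive, and "cannot read any other company's data" is interpreted as "has no other company in its access history".

```python
# Added illustration of the Chinese Wall rules; all names and data are constructed.
from collections import defaultdict


class ChineseWall:
    """Tracks each subject's access history and applies the slide's rules."""

    def __init__(self, conflict_classes):
        # conflict_classes maps a class name to the set of competing companies in it.
        self.class_of = {c: name
                         for name, members in conflict_classes.items()
                         for c in members}
        self.history = defaultdict(set)  # subject -> companies already accessed
        self.audit = []                  # (subject, operation, company, granted)

    def competitors(self, company):
        """All other companies in the same conflict-of-interest class."""
        cls = self.class_of[company]
        return {c for c, k in self.class_of.items() if k == cls and c != company}

    def can_read(self, subject, company):
        accessed = self.history[subject]
        # Rule a) s has already accessed c's data, or
        # rule b) s has not yet accessed any of c's competitors' data.
        return company in accessed or not (accessed & self.competitors(company))

    def can_write(self, subject, company):
        # Assumption: "can read another company's data" means that company is
        # already in the subject's history, competitor or not. This stops data
        # read from one company leaking into another company's dataset.
        others = self.history[subject] - {company}
        return self.can_read(subject, company) and not others

    def _record(self, subject, op, company, granted):
        if granted:
            self.history[subject].add(company)
        self.audit.append((subject, op, company, granted))
        return granted

    def read(self, subject, company):
        return self._record(subject, "read", company,
                            self.can_read(subject, company))

    def write(self, subject, company):
        return self._record(subject, "write", company,
                            self.can_write(subject, company))


if __name__ == "__main__":
    wall = ChineseWall({"banks": {"BankA", "BankB"}, "oil": {"OilX", "OilY"}})
    wall.read("alice", "BankA")    # granted: first access in the "banks" class
    wall.read("alice", "BankB")    # denied: BankB competes with BankA
    wall.read("alice", "OilX")     # granted: different conflict class
    wall.write("alice", "BankA")   # denied: alice has also read OilX
    for entry in wall.audit:
        print(entry)
```

The audit list doubles as the trace that the "Auditing" mechanism on the next slide refers to: every decision, including denials, is recorded.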
Security Mechanisms
- Encryption
  - Transform data to achieve confidentiality and integrity
- Authentication
  - Verify the identity of the user
- Authorization
  - Check the permission
- Auditing
  - Trace the accesses, used for analysis
Cryptography
Intruders and eavesdroppers in communication.
Classifications
- Symmetric cryptography: shared key
  - $P = D_K(E_K(P))$
  - DES
- Asymmetric cryptography: a pair of keys
  - $P = D_{K_D}(E_{K_E}(P))$
  - RSA
- Hash function: one-way function, not reversible
  - $h = H(m)$
  - MD5
Notations

| Notation | Description |
|---|---|
| $K_{A,B}$ | Secret key shared by A and B |
| $K_A^+$ | Public key of A |
| $K_A^-$ | Private key of A |
DES
[Figure: a) The principle of DES; b) Outline of one encryption round. The input is a 64-bit data block.]
Key Generation
Attacking DES
- Cryptanalysis
  - Relies on the nature of the encryption algorithm and additional knowledge of the general types of plaintexts (frequencies of letters etc.)
  - Some samples of plaintexts and ciphertexts
- Brute-force
  - Test every possible key on some ciphertext until a readable result is obtained
  - Can be done in advance if the key is not changed
Brute-force Key Search

| Key size (bits) | Key space size | Mean time required at 1 key test/sec |
|---|---|---|
| 32 | $2^{32} = 4.3 \times 10^{9}$ | 35.8 minutes |
| 56 (DES) | $2^{56} = 7.2 \times 10^{16}$ | 1,142 years |
| 128 | $2^{128} = 3.4 \times 10^{38}$ | $5.4 \times 10^{24}$ = 300 billion big bangs |
| 168 | $2^{168} = 3.7 \times 10^{50}$ | $5.9 \times 10^{36}$ big bangs |

Don't get impressed easily: DES can now be cracked in hours!
Triple DES
Public-Key Cryptosystems
[Figure: two configurations. (1) Plaintext P is encrypted with the public key, $C = E_{K^+}(P)$, and decrypted with the private key, $P = D_{K^-}(C)$. (2) Plaintext P is encrypted with the private key, $C = E_{K^-}(P)$, and decrypted with the public key, $P = D_{K^+}(C)$.]
Idea
- Questions:
  - 314159265358979 * 314159265358979 = ?
  - 3912571506419387090594828508241 = ? * ?
- Idea: Use easy algorithm for encryption. Use difficult algorithm for decryption
- A user picks a public key/private key pair
  - publish the public key
  - private key not published
RSA: Rivest, Shamir and Adleman
- Foundation: no known method that can efficiently find the prime factors of large numbers.
- In RSA, private and public keys are constructed from very large prime numbers (consisting of hundreds of decimal digits)
- Four steps to construct the keys:
  1. Choose two very large prime numbers, p and q
  2. Compute $n = p \times q$ and $z = (p - 1) \times (q - 1)$
  3. Choose a number d that is relatively prime to z
  4. Compute the number e such that $e \times d = 1 \bmod z$
How It Works?
- Encryption: $C = P^e \bmod n$
- Decryption: $P = C^d \bmod n$
- $K^+ = (e, n)$, $K^- = (d, n)$
- The intruder needs to factor n into p and q to crack the code.
- Higher cost of computation.
- Problems:
  1) Is the number of primes infinite? Yes!
  2) Are they scarce? Yes! 4% of the first 25 billion numbers. And the percentage drops as the numbers get bigger.
- Implication: it is tricky to propose a new prime number. E.g., is 687,532,127 a prime?
Example (1)
To find a key pair e, d:
1. Choose two large prime numbers, P and Q (each greater than $10^{100}$), and form:
   - $n = P \times Q$
   - $Z = (P - 1) \times (Q - 1)$
2. For d choose any number that is relatively prime with Z (that is, such that d has no common factors with Z).
   - We illustrate the computations involved using small integer values for P and Q:
   - $P = 13$, $Q = 17$ -> $n = 221$, $Z = 192$
   - $d = 5$
3. To find e solve the equation:
   - $e \times d = 1 \bmod Z$
   - That is, $e \times d$ is the smallest element divisible by d in the series Z+1, 2Z+1, 3Z+1, ... .
   - $e \times d = 1 \bmod 192 = 1, 193, 385, ...$
   - 385 is divisible by d
   - $e = 385/5 = 77$
Example (2)
To encrypt text using the RSA method, the plaintext is divided into equal blocks of length k bits where $2^k < n$ (that is, such that the numerical value of a block is always less than n; in practical applications, k is usually in the range 512 to 1024).
- $k = 7$, since $2^7 = 128$

The function for encrypting a single block of plaintext M is:
- $E'(e, n, M) = M^e \bmod n$
- for a message M, the ciphertext is $M^{77} \bmod 221$

The function for decrypting a block of encrypted text c to produce the original plaintext block is:
- $D'(d, n, c) = c^d \bmod n$

Rivest, Shamir and Adleman proved that E' and D' are mutual inverses (that is, $E'(D'(x)) = D'(E'(x)) = x$) for all values of P in the range $0 \le P \le n$.
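The key construction and block encryption from Example (1) and Example (2), carried through in Python as an added example that is not part of the original slides. Function names are illustrative; `recover_private` goes one step beyond the slides to show why toy-sized P and Q give no protection once n is factored.

```python
# Added example: the slides' toy RSA numbers (P=13, Q=17, d=5) worked in code.
from math import gcd, isqrt


def egcd(a, b):
    """Extended Euclid: return (g, x, y) with a*x + b*y == g == gcd(a, b)."""
    if b == 0:
        return a, 1, 0
    g, x, y = egcd(b, a % b)
    return g, y, x - (a // b) * y


def make_keys(p, q, d):
    """Steps 1-3 of Example (1): return (public, private) = ((e, n), (d, n))."""
    n, z = p * q, (p - 1) * (q - 1)
    if gcd(d, z) != 1:
        raise ValueError("d must be relatively prime to Z")
    _, x, _ = egcd(d, z)
    return (x % z, n), (d, n)      # x % z is the smallest positive e


def block_bits(n):
    """Largest k with 2**k < n, so every k-bit block is numerically below n."""
    return (n - 1).bit_length() - 1


def rsa_apply(key, x):
    """E' or D' from Example (2): x**exponent mod n for one block."""
    exponent, n = key
    if not 0 <= x < n:
        raise ValueError("block value must be in the range 0..n-1")
    return pow(x, exponent, n)


def to_blocks(data, k):
    """Split bytes into k-bit integers, zero-padding the final block."""
    bits = "".join(f"{byte:08b}" for byte in data)
    bits += "0" * (-len(bits) % k)
    return [int(bits[i:i + k], 2) for i in range(0, len(bits), k)]


def from_blocks(blocks, k, nbytes):
    """Inverse of to_blocks; nbytes tells how much padding to discard."""
    bits = "".join(f"{b:0{k}b}" for b in blocks)[:8 * nbytes]
    return bytes(int(bits[i:i + 8], 2) for i in range(0, len(bits), 8))


def encrypt(data, public):
    k = block_bits(public[1])
    return [rsa_apply(public, m) for m in to_blocks(data, k)]


def decrypt(blocks, private, nbytes):
    k = block_bits(private[1])
    return from_blocks([rsa_apply(private, c) for c in blocks], k, nbytes)


def recover_private(public):
    """With a small n, trial division finds P and Q, and from them d.
    This is the factoring step the slides say an intruder needs."""
    e, n = public
    p = next(f for f in range(2, isqrt(n) + 1) if n % f == 0)
    z = (p - 1) * (n // p - 1)
    _, x, _ = egcd(e, z)
    return (x % z, n)


if __name__ == "__main__":
    public, private = make_keys(13, 17, 5)
    print("public:", public, "private:", private, "k:", block_bits(public[1]))
    message = b"Security"                      # constructed sample plaintext
    cipher = encrypt(message, public)
    print("cipher blocks:", cipher)
    print("decrypted:", decrypt(cipher, private, len(message)))
    print("private key recovered from n alone:", recover_private(public))
```

Textbook RSA as shown is deterministic: equal plaintext blocks give equal ciphertext blocks, which is one reason deployed systems add randomized padding on top of the raw $M^e \bmod n$ operation.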
Secret Message
Signature
Remark: The goal of a signature is to guarantee that the receiver can be sure that the received message is from the sender. However, anyone with Gerd's public key can also read it.
Message Digest
- Cryptographic checksum
  - Just as a regular checksum protects the receiver from accidental changes to the message, a cryptographic checksum protects the receiver from malicious changes.
- One-way function
  - Given a cryptographic checksum for a msg, it is virtually impossible to figure out what msg produced that checksum; it is not computationally feasible to find two msgs that hash to the same cryptographic checksum.
- Relevance
  - If you are given a checksum for a message & you are able to compute exactly the same checksum for that message, then it is highly likely this message produced the checksum you were given.
Hash Function: MD5
For each round, four functions are applied. And each function has 16 iterations.
MD5: Iterations
Requirements
[Figure: the received msg consists of m and MD5(m); the receiver recomputes MD5(m) and compares.]
- Weak collision resistance: given m and h, difficult to find m' such that h = H(m')
- Strong collision resistance: given h, difficult to find m and m' such that H(m) = H(m').
Tamper Proof
[Figure: the received msg consists of m and K−{MD5(m)}; the receiver computes MD5(m) and compares it with K+ applied to K−{MD5(m)}.]
Using K+ and K−
Secure Channels
- Main model of DS: client-server
  - Servers may be distributed and replicated
- How to secure a DS?
  - Establish secure communication between client/server
    - Authentication of communicating partners
    - Ensuring message integrity and confidentiality
  - Establish authorization
    - How to be sure on the server side that a client is allowed to get the requested service?
    - Access control
- Two principles:
  - Set-up phase precedes message exchange
  - Session keys to ensure message integrity
Setup Phase
- Suppose Alice and Bob want to communicate with each other, Alice at machine M1 and Bob at machine M2:
  1. Alice sets up a communication channel,
     - a) either by sending a message directly to Bob, or
     - b) by sending a corresponding message to a trusted third party, which helps to set up this channel
  2. Once the channel has been set up, both sides know for sure that they can exchange messages
Authentication on Shared Key
Optimization?
Reflection Attack
Consequence: use different challenges for initiator and responder
Scalability of Session Keys
- Suppose we have N hosts, each sharing a secret key with each of the other N-1 hosts
  - The DS has (N-1)*N/2 secret session keys and each host has to manage (N-1) session keys
  - For large N, the number of session keys will be a problem
- Instead you can install a trusted key distribution center (KDC) on one of the nodes of the DS
Authentication: Key Distribution Center
Improvement
Using a ticket and letting Alice set up a connection to Bob.
Needham-Schroeder Authentication Protocol
- In early distributed systems (1974-84) it was difficult to protect the servers
  - E.g. against masquerading attacks on a file server, because there was no mechanism for authenticating the origins of requests
  - public-key cryptography was not yet available or practical
    - computers too slow for trap-door calculations
    - RSA algorithm not available until 1978
- Needham and Schroeder therefore developed an authentication and key-distribution protocol for use in a local network
- An early example of the care required to design a safe security protocol
- Introduced several design ideas including the use of nonces.
Illustration
Nonce: a random number used only once. The purpose is to uniquely relate two messages to each other.
Q1: Why include B in message 2?
Q2: What if Chuck knows an old key $K_{A,B}$?
Enhancement
Protection against malicious reuse of a previously generated session key in the Needham-Schroeder protocol.
Authentication Using Public-Key Cryptography
Mutual authentication in a public-key cryptosystem.
Q: how to exchange public keys?
Message Integrity & Confidentiality
Digital Signature
- Goals:
  - To authenticate stored document files as well as messages
  - To protect against forgery
  - To prevent the signer from repudiating a signed document (denying their responsibility)
- Encryption of a document in a secret key constitutes a signature
  - impossible for others to perform without knowledge of the key
  - strong authentication of document
  - strong protection against forgery
  - weak against repudiation (signer could claim key was compromised)
Illustration
Digitally signing a message using public-key cryptography.
Digital Signature (2)
Digitally signing a message using a message digest.
Certificate Authority (CA)
- Verify the owner of a public key
  - The (owner, public_key) pair is maintained by a certificate authority
- CAs are organized in a hierarchy.
  - For each merchant, it issues a certificate.
  - The names of CAs are widely known, e.g. Verisign.
- Chain of trust
  - Certified by a higher-level CA: the central authority: IPRA
CA Hierarchy
[Figure: tree with IPRA at the root, PCA1, PCA2 and PCA3 below it, CAs below the PCAs, and users at the leaves.]
- IPRA = Internet Policy Registration Authority (root)
- PCA = policy certification authority
- CA = certification authority
Certificate Authorities in X.509
X.509 Certificate Format
- Version
- Serial Number
- Signature Algorithm ID
- Issuer (CA) X.500 Name
- Validity Period
- Subject X.500 Name
- Subject Public Key Info
  - Algorithm ID
  - Public Key Value
- Issuer Unique ID
- Subject Unique ID
- CA Digital Signature
SSL Handshake
[Figure: handshake message sequence; recoverable labels: (PK_alg, encr_alg, MD), K−C{R}, Optional.]
SSL Record Protocol
[Figure: application data "abcdefghi" passes through the following stages.]
1. Fragment/combine: record protocol units "abc", "def", "ghi"
2. Compress: compressed units
3. Hash: MAC (message digest)
4. Encrypt: encrypted
5. Transmit: TCP packet
Confidential Group Communication
- Goal: secure channels between each pair of nodes
- Share one key?
- Share a key between each pair of nodes?
- Each node has its own private key but all the nodes share a public key.
Access Control
General Issues in Access Control
General model of controlling access to objects.
Access Control
- Access control matrix
- Access control list
- Capabilities.
Protection Domains
The hierarchical organization of protection domains as groups of users.
Firewalls
Common implementations of a firewall, e.g. a packet-filtering router or an application gateway
Firewall Solutions
- Definition - hardware &/or software components that restrict access between a restricted network & the Internet or between networks
- Logically - a separator, restricter, analyzer
- Rarely a single object
- Restricts people to entering at a controlled point
- Prevents attackers from getting close to other defenses (host controls)
- Restricts people to leaving at a controlled point
Firewall Capabilities
- Focus security decisions - single point to leverage control
- Enforce security policy - minimize exceptions
- Log Internet activity - analysis
- Limit exposure - separate sensitive areas of one network from another or outside world
Firewall Limitations
- Can't protect against
  - malicious insiders
  - connections that don't go through it
  - new threats
  - viruses
    - scans for source & destination addresses & port numbers, not details of data
Types of Firewalls
- Simple traffic logging systems
  - audit log file of files accessed (HTTPD)
  - site usage/demand hours/links/browsers used
- IP Packet Screening Routers (packet filtering gateway)
  - not only looks at 'can' it route, but 'should' it
  - selectively routes or blocks packets based on rules
  - based on protocols, destination (port 80), known source IP addresses
Types of Firewalls (cont.)
- Hardened Firewall Host (hardware)
  - Halts unauthorized users
  - Concentrates security, hides internal system names, centralizes & simplifies net management
- Proxy Server (software)
  - Deals with external server requests on behalf of internal clients
  - May limit certain HTTP methods (CGI or Java applets)
Filtering Router
[Figure: a filtering router sits between the Internet and the Intranet; a mail server (port=25) is shown.]
- Check the source and destination address.
- Make decisions based on security policies.
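A first-match packet filter of the kind described above, as an added Python example that is not from the original slides. The addresses, the rule set and the `iface` field are constructed assumptions; the mail server on port 25 follows the figure.

```python
# Added example of a stateless packet-filtering policy; all values are constructed.
import ipaddress
from dataclasses import dataclass
from typing import Optional

ANY = "0.0.0.0/0"
INTRANET = "10.0.0.0/8"          # assumed internal address range


@dataclass(frozen=True)
class Packet:
    iface: str                   # interface the packet arrived on: "outside" or "inside"
    proto: str                   # "tcp" or "udp"
    src: str
    dst: str
    dport: int


@dataclass(frozen=True)
class Rule:
    action: str                  # "allow" or "deny"
    iface: str
    proto: str                   # "tcp", "udp" or "any"
    src: str                     # CIDR block
    dst: str                     # CIDR block
    dport: Optional[int] = None  # None matches any destination port


# Order matters: the first matching rule decides.
POLICY = [
    # 0: a packet arriving from outside with an internal source address is
    #    forged, so drop it before any allow rule can match.
    Rule("deny", "outside", "any", INTRANET, ANY),
    # 1: inbound mail to the mail server only (port 25, as in the figure).
    Rule("allow", "outside", "tcp", ANY, "10.0.0.25/32", 25),
    # 2: inbound web traffic to the web server only (port 80).
    Rule("allow", "outside", "tcp", ANY, "10.0.0.80/32", 80),
    # 3: internal hosts may open connections outward.
    Rule("allow", "inside", "any", INTRANET, ANY),
    # Reply traffic for outbound connections is not modelled here; a stateless
    # filter needs explicit rules for it, which dynamic filtering avoids.
]


def matches(rule, pkt):
    """True if every field of the rule accepts the packet's header values."""
    return (rule.iface == pkt.iface
            and rule.proto in ("any", pkt.proto)
            and ipaddress.ip_address(pkt.src) in ipaddress.ip_network(rule.src)
            and ipaddress.ip_address(pkt.dst) in ipaddress.ip_network(rule.dst)
            and rule.dport in (None, pkt.dport))


def decide(rules, pkt):
    """Return (action, index of the deciding rule); default deny if none match."""
    for index, rule in enumerate(rules):
        if matches(rule, pkt):
            return rule.action, index
    return "deny", None


def filter_log(rules, packets):
    """One log line per packet, so that denied traffic can be analysed later."""
    lines = []
    for pkt in packets:
        action, index = decide(rules, pkt)
        lines.append(f"{action.upper()} rule={index} {pkt.iface} {pkt.proto} "
                     f"{pkt.src} -> {pkt.dst}:{pkt.dport}")
    return lines


if __name__ == "__main__":
    sample = [  # constructed packets; 203.0.113.0/24 is a documentation range
        Packet("outside", "tcp", "203.0.113.7", "10.0.0.25", 25),
        Packet("outside", "tcp", "203.0.113.7", "10.0.0.25", 22),
        Packet("outside", "tcp", "10.0.0.5", "10.0.0.25", 25),
        Packet("inside", "udp", "10.1.2.3", "198.51.100.9", 53),
    ]
    print("\n".join(filter_log(POLICY, sample)))
```

The filter only sees header fields, which matches the limitation stated earlier: it checks addresses and port numbers, not the details of the data carried.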
Filtering Router and Bastion Host
Firewall Architectures
- Dual-homed host (two network interfaces)
  - One communicates externally, one internally
  - No direct communication internal to external hosts
[Figure: a proxy client/internal host reaches the real server on the Internet through a proxy server running on the dual-homed host.]
Advantages
- All accesses can be logged
- Reduce the number of Internet connections by making it a caching proxy
- Does not reveal the names and addresses of actual clients inside
- But: slows down page downloading by an order of magnitude.
![Page 66: Chapter 9 Security. Topics Introduction Threats, mechanisms, cryptography Security channel Authentication, integrity, confidentiality Access control Firewall,](https://reader034.vdocuments.us/reader034/viewer/2022042608/56649d605503460f94a41c16/html5/thumbnails/66.jpg)
Other Variations
- Multiple Bastion Hosts
  - Performance, redundancy, need to separate data & servers
  - Usenet, SMTP/DNS, FTP/WWW
- Merge Interior & Exterior Routers
  - Sufficient capability to specify inbound & outbound filters
  - Usually on the perimeter network
- Merge Bastion Host & Exterior Router
- Use Multiple Exterior Routers
  - Multiple connections to Internet or Internet + other sites
- Multiple Perimeter Nets
  - Redundancy, privacy
![Page 67: Chapter 9 Security. Topics Introduction Threats, mechanisms, cryptography Security channel Authentication, integrity, confidentiality Access control Firewall,](https://reader034.vdocuments.us/reader034/viewer/2022042608/56649d605503460f94a41c16/html5/thumbnails/67.jpg)
Futures
- Third-generation Firewalls
  - Combined features of packet filtering & proxy systems
- Client & server apps with native support for proxied environments
- Dynamic packet filtering
  - Packet rules modified “on the fly” in response to triggers
- Underlying Internet protocol undergoing revisions - IPv6
![Page 68: Chapter 9 Security. Topics Introduction Threats, mechanisms, cryptography Security channel Authentication, integrity, confidentiality Access control Firewall,](https://reader034.vdocuments.us/reader034/viewer/2022042608/56649d605503460f94a41c16/html5/thumbnails/68.jpg)
Not Recommended
- Merging Bastion Host & Interior Router
  - Breach of host leaves access to internal net
- Using Multiple Interior Routers
  - Routing software could decide fastest way to another internal system is via the perimeter net
  - Difficult to keep multiple interior routers configured correctly
  - Most important & complex set of packet filters
  - May need to use multiples to resolve performance bottlenecks or separate internal networks
![Page 69: Chapter 9 Security. Topics Introduction Threats, mechanisms, cryptography Security channel Authentication, integrity, confidentiality Access control Firewall,](https://reader034.vdocuments.us/reader034/viewer/2022042608/56649d605503460f94a41c16/html5/thumbnails/69.jpg)
Private Network
![Page 70: Chapter 9 Security. Topics Introduction Threats, mechanisms, cryptography Security channel Authentication, integrity, confidentiality Access control Firewall,](https://reader034.vdocuments.us/reader034/viewer/2022042608/56649d605503460f94a41c16/html5/thumbnails/70.jpg)
Virtual Private Network
[Figure: Station 100, Station 200, Intranet A, Intranet B, Router RA, Router RB and the Internet; tunneling between the routers; packet labeled "200 | Data" with outer address RB, encrypted.]
![Page 71: Chapter 9 Security. Topics Introduction Threats, mechanisms, cryptography Security channel Authentication, integrity, confidentiality Access control Firewall,](https://reader034.vdocuments.us/reader034/viewer/2022042608/56649d605503460f94a41c16/html5/thumbnails/71.jpg)
Tunneling
![Page 72: Chapter 9 Security. Topics Introduction Threats, mechanisms, cryptography Security channel Authentication, integrity, confidentiality Access control Firewall,](https://reader034.vdocuments.us/reader034/viewer/2022042608/56649d605503460f94a41c16/html5/thumbnails/72.jpg)
Virus
![Page 73: Chapter 9 Security. Topics Introduction Threats, mechanisms, cryptography Security channel Authentication, integrity, confidentiality Access control Firewall,](https://reader034.vdocuments.us/reader034/viewer/2022042608/56649d605503460f94a41c16/html5/thumbnails/73.jpg)
Virus
![Page 74: Chapter 9 Security. Topics Introduction Threats, mechanisms, cryptography Security channel Authentication, integrity, confidentiality Access control Firewall,](https://reader034.vdocuments.us/reader034/viewer/2022042608/56649d605503460f94a41c16/html5/thumbnails/74.jpg)
Memory-Resident Virus
Runs whenever certain interrupts occur.
![Page 75: Chapter 9 Security. Topics Introduction Threats, mechanisms, cryptography Security channel Authentication, integrity, confidentiality Access control Firewall,](https://reader034.vdocuments.us/reader034/viewer/2022042608/56649d605503460f94a41c16/html5/thumbnails/75.jpg)
Encrypted virus
To conceal signature.
![Page 76: Chapter 9 Security. Topics Introduction Threats, mechanisms, cryptography Security channel Authentication, integrity, confidentiality Access control Firewall,](https://reader034.vdocuments.us/reader034/viewer/2022042608/56649d605503460f94a41c16/html5/thumbnails/76.jpg)
Worms: Illustration
[Figure: UNIX address space, from low address to high address: program, statically allocated data, stack.]
![Page 77: Chapter 9 Security. Topics Introduction Threats, mechanisms, cryptography Security channel Authentication, integrity, confidentiality Access control Firewall,](https://reader034.vdocuments.us/reader034/viewer/2022042608/56649d605503460f94a41c16/html5/thumbnails/77.jpg)
Procedure Call
[Figure: stack (high address) holding para1, para2, the return address ret[PC], and the buffer area allocated by the called fingerd (512 bytes). E.g., finger aabbcc; buffer contents: aabbcc.]
![Page 78: Chapter 9 Security. Topics Introduction Threats, mechanisms, cryptography Security channel Authentication, integrity, confidentiality Access control Firewall,](https://reader034.vdocuments.us/reader034/viewer/2022042608/56649d605503460f94a41c16/html5/thumbnails/78.jpg)
Buffer Overflow
[Figure: stack holding para1, para2 and the return address [PC], now 0100. E.g., finger aabb…zz; buffer contents: aabbcc……; malicious program (binary) at 0100.]
![Page 79: Chapter 9 Security. Topics Introduction Threats, mechanisms, cryptography Security channel Authentication, integrity, confidentiality Access control Firewall,](https://reader034.vdocuments.us/reader034/viewer/2022042608/56649d605503460f94a41c16/html5/thumbnails/79.jpg)
Security Management
![Page 80: Chapter 9 Security. Topics Introduction Threats, mechanisms, cryptography Security channel Authentication, integrity, confidentiality Access control Firewall,](https://reader034.vdocuments.us/reader034/viewer/2022042608/56649d605503460f94a41c16/html5/thumbnails/80.jpg)
Key Establishment
The principle of Diffie-Hellman key exchange.
![Page 81: Chapter 9 Security. Topics Introduction Threats, mechanisms, cryptography Security channel Authentication, integrity, confidentiality Access control Firewall,](https://reader034.vdocuments.us/reader034/viewer/2022042608/56649d605503460f94a41c16/html5/thumbnails/81.jpg)
Key Distribution (1)
Secret-key distribution
![Page 82: Chapter 9 Security. Topics Introduction Threats, mechanisms, cryptography Security channel Authentication, integrity, confidentiality Access control Firewall,](https://reader034.vdocuments.us/reader034/viewer/2022042608/56649d605503460f94a41c16/html5/thumbnails/82.jpg)
Key Distribution (2)
Public-key distribution: Certificate
![Page 83: Chapter 9 Security. Topics Introduction Threats, mechanisms, cryptography Security channel Authentication, integrity, confidentiality Access control Firewall,](https://reader034.vdocuments.us/reader034/viewer/2022042608/56649d605503460f94a41c16/html5/thumbnails/83.jpg)
Secure Group Management
Securely admitting a new group member P.
![Page 84: Chapter 9 Security. Topics Introduction Threats, mechanisms, cryptography Security channel Authentication, integrity, confidentiality Access control Firewall,](https://reader034.vdocuments.us/reader034/viewer/2022042608/56649d605503460f94a41c16/html5/thumbnails/84.jpg)
Authorization Management
![Page 85: Chapter 9 Security. Topics Introduction Threats, mechanisms, cryptography Security channel Authentication, integrity, confidentiality Access control Firewall,](https://reader034.vdocuments.us/reader034/viewer/2022042608/56649d605503460f94a41c16/html5/thumbnails/85.jpg)
Capabilities
| Server port | Object | Rights | Check |
|---|---|---|---|
| 48 bits | 24 bits | 8 bits | 48 bits |

A capability in Amoeba.
![Page 86: Chapter 9 Security. Topics Introduction Threats, mechanisms, cryptography Security channel Authentication, integrity, confidentiality Access control Firewall,](https://reader034.vdocuments.us/reader034/viewer/2022042608/56649d605503460f94a41c16/html5/thumbnails/86.jpg)
Capabilities Generation
Generation of a restricted capability from an owner capability.
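The 128-bit layout above and the restriction step, as an added example that is not part of the original slides. It follows the textbook description of Amoeba: the server keeps a random check C per object, the owner capability carries C itself, and a restricted capability carries f(C XOR new rights). The choice of f (SHA-256 truncated to 48 bits) and all names are assumptions.

```python
import hashlib
import hmac
import secrets

OWNER_RIGHTS = 0xFF  # all eight rights bits set

def pack(port, obj, rights, check):
    """Lay out the four fields as one 128-bit (16-byte) capability."""
    return ((port << 80) | (obj << 56) | (rights << 48) | check).to_bytes(16, "big")

def unpack(cap):
    v = int.from_bytes(cap, "big")
    return v >> 80, (v >> 56) & 0xFFFFFF, (v >> 48) & 0xFF, v & 0xFFFFFFFFFFFF

def one_way(x):
    """Assumed one-way function f: SHA-256 truncated to 48 bits."""
    return int.from_bytes(hashlib.sha256(x.to_bytes(6, "big")).digest()[:6], "big")

class ObjectServer:
    def __init__(self, port):
        self.port = port
        self.secret = {}  # object number -> random 48-bit check C, known only here

    def create(self, obj):
        """Create an object and return its owner capability (check = C)."""
        self.secret[obj] = secrets.randbits(48)
        return pack(self.port, obj, OWNER_RIGHTS, self.secret[obj])

    def _expected_check(self, obj, rights):
        c = self.secret[obj]
        return c if rights == OWNER_RIGHTS else one_way(c ^ rights)

    def rights_of(self, cap):
        """Return the rights a capability grants, or None if it does not validate."""
        port, obj, rights, check = unpack(cap)
        if len(cap) != 16 or port != self.port or obj not in self.secret:
            return None
        expected = self._expected_check(obj, rights)
        same = hmac.compare_digest(check.to_bytes(6, "big"), expected.to_bytes(6, "big"))
        return rights if same else None

    def restrict(self, owner_cap, new_rights):
        """Issue a capability with fewer rights; only the owner capability may ask."""
        if self.rights_of(owner_cap) != OWNER_RIGHTS:
            return None
        _, obj, _, _ = unpack(owner_cap)
        new_rights &= OWNER_RIGHTS
        return pack(self.port, obj, new_rights, self._expected_check(obj, new_rights))
```

Because the check field depends on the rights field, a holder who edits the rights bits of a restricted capability ends up with a check that no longer validates.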
![Page 87: Chapter 9 Security. Topics Introduction Threats, mechanisms, cryptography Security channel Authentication, integrity, confidentiality Access control Firewall,](https://reader034.vdocuments.us/reader034/viewer/2022042608/56649d605503460f94a41c16/html5/thumbnails/87.jpg)
Delegation
- Transfer the access rights on files, resources, etc.
- Suppose Alice wants to delegate rights to Bob
  - If Alice knows everyone, broadcast the certificate
  - Otherwise, construct a certificate saying “The bearer of this certificate has rights R.” Problems?
- Using proxy, a token that allows its owner to operate with the rights granted in the token.
![Page 88: Chapter 9 Security. Topics Introduction Threats, mechanisms, cryptography Security channel Authentication, integrity, confidentiality Access control Firewall,](https://reader034.vdocuments.us/reader034/viewer/2022042608/56649d605503460f94a41c16/html5/thumbnails/88.jpg)
The General Structure of A Proxy
![Page 89: Chapter 9 Security. Topics Introduction Threats, mechanisms, cryptography Security channel Authentication, integrity, confidentiality Access control Firewall,](https://reader034.vdocuments.us/reader034/viewer/2022042608/56649d605503460f94a41c16/html5/thumbnails/89.jpg)
Delegating And Exercising Rights
![Page 90: Chapter 9 Security. Topics Introduction Threats, mechanisms, cryptography Security channel Authentication, integrity, confidentiality Access control Firewall,](https://reader034.vdocuments.us/reader034/viewer/2022042608/56649d605503460f94a41c16/html5/thumbnails/90.jpg)
Example: Kerberos (1)
Authentication in Kerberos.
![Page 91: Chapter 9 Security. Topics Introduction Threats, mechanisms, cryptography Security channel Authentication, integrity, confidentiality Access control Firewall,](https://reader034.vdocuments.us/reader034/viewer/2022042608/56649d605503460f94a41c16/html5/thumbnails/91.jpg)
Example: Kerberos (2)
Setting up a secure channel in Kerberos.
![Page 92: Chapter 9 Security. Topics Introduction Threats, mechanisms, cryptography Security channel Authentication, integrity, confidentiality Access control Firewall,](https://reader034.vdocuments.us/reader034/viewer/2022042608/56649d605503460f94a41c16/html5/thumbnails/92.jpg)
Electronic Payment Systems (1)
Payment systems based on direct payment between customer and merchant.
a) Paying in cash.
b) Using a check.
c) Using a credit card.
![Page 93: Chapter 9 Security. Topics Introduction Threats, mechanisms, cryptography Security channel Authentication, integrity, confidentiality Access control Firewall,](https://reader034.vdocuments.us/reader034/viewer/2022042608/56649d605503460f94a41c16/html5/thumbnails/93.jpg)
Electronic Payment Systems (2)
Payment systems based on money transfer between banks.
a) Payment by money order.
b) Payment through debit order.
![Page 94: Chapter 9 Security. Topics Introduction Threats, mechanisms, cryptography Security channel Authentication, integrity, confidentiality Access control Firewall,](https://reader034.vdocuments.us/reader034/viewer/2022042608/56649d605503460f94a41c16/html5/thumbnails/94.jpg)
Privacy Issue
- Using cash
- Using credit card
- Online
![Page 95: Chapter 9 Security. Topics Introduction Threats, mechanisms, cryptography Security channel Authentication, integrity, confidentiality Access control Firewall,](https://reader034.vdocuments.us/reader034/viewer/2022042608/56649d605503460f94a41c16/html5/thumbnails/95.jpg)
Digital Money
- Suppose Alice wants to pay $12 to Bob
  - Contact her bank and request a withdrawal of $12
  - Bank hands out digital money (each note is signed)
    - Each note carries a unique serial number
  - Hand over the notes to Bob
  - Bob contacts the bank to check whether the money has been used.
- Problem: privacy issue.
- Solution: blind signature
![Page 96: Chapter 9 Security. Topics Introduction Threats, mechanisms, cryptography Security channel Authentication, integrity, confidentiality Access control Firewall,](https://reader034.vdocuments.us/reader034/viewer/2022042608/56649d605503460f94a41c16/html5/thumbnails/96.jpg)
E-cash
The principle of anonymous electronic cash using blind signatures.
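The withdrawal and deposit steps from the Digital Money slide with the blind-signature fix applied, as an added example that is not part of the original slides. It uses RSA blinding (Chaum's scheme) with a constructed toy key and textbook RSA without padding; all names and values are assumptions chosen to show the algebra.

```python
import hashlib
import math
import secrets

# Constructed toy RSA key for the bank (two Mersenne primes): far too small for
# real use, and textbook RSA without padding is used only to show the algebra.
P, Q = 2**61 - 1, 2**89 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))  # bank's private exponent

def note_value(serial):
    """Map a note's serial number to the integer that gets signed."""
    return int.from_bytes(hashlib.sha256(serial).digest(), "big") % N

def blind(serial):
    """Alice: multiply the note by r^E so the bank cannot recognise it later."""
    while True:
        r = secrets.randbelow(N - 2) + 2
        if math.gcd(r, N) == 1:
            return note_value(serial) * pow(r, E, N) % N, r

def bank_sign(blinded):
    """Bank: debit Alice and sign the blinded note without learning its serial."""
    return pow(blinded, D, N)

def unblind(blind_signature, r):
    """Alice: divide out r, leaving the bank's signature on the real note."""
    return blind_signature * pow(r, -1, N) % N

class Bank:
    def __init__(self):
        self.spent = set()  # serial numbers already deposited

    def deposit(self, serial, signature):
        """Bob hands in a note: check the signature, then check for reuse."""
        if pow(signature, E, N) != note_value(serial):
            return "invalid"
        if serial in self.spent:
            return "already spent"
        self.spent.add(serial)
        return "accepted"

if __name__ == "__main__":
    serial = secrets.token_bytes(16)            # Alice picks the serial number
    blinded, r = blind(serial)
    signature = unblind(bank_sign(blinded), r)  # bank saw only `blinded`
    bank = Bank()
    print(bank.deposit(serial, signature), bank.deposit(serial, signature))
```

The bank can still detect reuse at deposit time because the serial number is revealed then, but it cannot link that serial to the blinded value it signed at withdrawal.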