ict 6621 : advanced networkingkhaled mahbub, iict, buet, 2008 lecture 12 network security (2)
TRANSCRIPT
Khaled Mahbub, IICT, BUET, 2008 ICT 6621 : Advanced Networking
Lecture 12
Network Security (2)
Khaled Mahbub, IICT, BUET, 2008 ICT 6621 : Advanced Networking
Outline• Network Security Concepts
• Principles of cryptography
• Authentication
• Integrity
• Key Distribution and certification
• Security in different layers– E-Mail Security (Application)– Web Security
• SSL – The Secure Sockets Layer (Application-Transport)– Communication Security (Network/Data Link)
• IPSec• Firewalls
Khaled Mahbub, IICT, BUET, 2008 ICT 6621 : Advanced Networking
Trusted Intermediaries
Symmetric key problem:• How do two entities
establish shared secret key over network?
Solution:• trusted key distribution
center (KDC) acting as intermediary between entities
Public key problem:• When A obtains B’s
public key (from web site, e-mail, diskette), how does it know it is B’s public key, not C’s?
Solution:• trusted certification
authority (CA)
Khaled Mahbub, IICT, BUET, 2008 ICT 6621 : Advanced Networking
Key Distribution Center (KDC)• A and B need shared symmetric key.
• KDC: server shares different secret key with each registered user (many users)
• A and B know own symmetric keys, KA-KDC KB-KDC , for communicating with KDC.
KB-KDC
KX-KDC
KY-KDC
KZ-KDC
KP-KDC
KB-KDC
KA-KDC
KA-KDC
KP-KDC
KDC
A
BP
Khaled Mahbub, IICT, BUET, 2008 ICT 6621 : Advanced Networking
Key Distribution Center (KDC)Q: How does KDC allow B and A to determine shared
symmetric secret key to communicate with each other?
A and B communicate: using R1 as session key for shared symmetric encryption
A knows R1
B knows to use R1 to communicate with A
KDC generates R1
KB-KDC(A,R1)
KA-KDC(A,B)
KA-KDC(R1, KB-KDC(A,R1) )
AB
• Kerberos is an authentication service developed at MIT that uses symmetric key encryption techniques and a Key Distribution Center. The Kerberos Authentication Server (AS) plays the role of the KDC.
Khaled Mahbub, IICT, BUET, 2008 ICT 6621 : Advanced Networking
Certification Authorities• Certification authority (CA): binds public key to particular
entity, E.
• E (person, router) registers its public key with CA.– E provides “proof of identity” to CA. – CA creates certificate binding E to its public key.– certificate containing E’s public key digitally signed by CA – CA
says “this is E’s public key”
B’s public
key K B+
B’s identifying informatio
n
digitalsignature(encrypt)
CA private
key K CA-
K B+
certificate for B’s public key,
signed by CAB
Khaled Mahbub, IICT, BUET, 2008 ICT 6621 : Advanced Networking
Certification Authorities• When A wants B’s public key:
– gets B’s certificate (from B’s Web page, e-mail message or elsewhere).
– apply CA’s public key to B’s certificate, get B’s public key
B’s public
key K B+
digitalsignature(decrypt)
CA public
key K CA+
K B+
Khaled Mahbub, IICT, BUET, 2008 ICT 6621 : Advanced Networking
A Certificate Contains
Field Description
version version number of X.509 specification (standard for Certification, developed by IETF)
serial number CA-issued unique identifier for a certificate
signature specifies the algorithm used by CA to "sign" this certificate
Issuer name identity of CA issuing this certificate
Validity period start and end of period of validity for certificate
Subject name identity of entity whose public key is associated with this certificate
Subject public key the subject's public key as well as an indication of the public key algorithm (and algorithm parameters) to be used with this key
Khaled Mahbub, IICT, BUET, 2008 ICT 6621 : Advanced Networking
Outline• Network Security Concepts
• Principles of cryptography
• Authentication
• Integrity
• Key Distribution and certification
• Security in different layers– E-Mail Security (Application)– Web Security
• SSL – The Secure Sockets Layer (Application-Transport)
– Communication Security (Network/Data Link)• IPSec• Firewalls
Khaled Mahbub, IICT, BUET, 2008 ICT 6621 : Advanced Networking
Secure e-mail• A wants to send confidential e-mail, m, to B
KS( ).
KB( ).+
+ -
KS(m
)
KB(KS )+
m
KS
KS
KB+
Internet
KS( ).
KB( ).-
KB-
KS
mKS(m
)
KB(KS )+
A B
• A:– generates random symmetric private key, KS.
– encrypts message with KS
– also encrypts KS with B’s public key.
– sends both KS(m) and KB(KS) to B.
Khaled Mahbub, IICT, BUET, 2008 ICT 6621 : Advanced Networking
Secure e-mail• A wants to send confidential e-mail, m, to B
KS( ).
KB( ).+
+ -
KS(m
)
KB(KS )+
m
KS
KS
KB+
Internet
KS( ).
KB( ).-
KB-
KS
mKS(m
)
KB(KS )+
A B
• B:
– uses his private key to decrypt and recover KS
– uses KS to decrypt KS(m) to recover m
Khaled Mahbub, IICT, BUET, 2008 ICT 6621 : Advanced Networking
Secure e-mail• A wants to provide sender authentication, message integrity.
• “A” applies a hash function, H (e.g., MD5), to message m to obtain a message digest
• encrypts the result of the hash function with private key, to create a digital signature
• sends both message (in the clear) and digital signature.
H( ). KA( ).-
+ -
H(m )KA(H(m))-
m
KA-
Internet
m
KA( ).+
KA+
KA(H(m))-
mH( ). H(m )
compareA B
• “B” applies the hash function, H (e.g., MD5), to message m to obtain a message digest,
• applies A's public key, to signature
• compares the result of the operations
Khaled Mahbub, IICT, BUET, 2008 ICT 6621 : Advanced Networking
Secure e-mail• A wants to provide secrecy, sender authentication,
message integrity.
“A” uses three keys: her private key, B’s public key, newly created symmetric key
H( ). KA( ).-
+
KA(H(m))-
m
KA-
m
KS( ).
KB( ).+
+
KB(KS )+
KS
KB+
Internet
KS
Khaled Mahbub, IICT, BUET, 2008 ICT 6621 : Advanced Networking
Pretty Good Privacy (PGP)
• Internet e-mail encryption scheme, de-facto standard.• uses symmetric key cryptography, public key cryptography, hash
function, and digital signature as described.• provides secrecy, sender authentication, integrity.• inventor, Phil Zimmerman.
---BEGIN PGP SIGNED MESSAGE---Hash: SHA1B: Hello there, the journey was very
good one… , A---BEGIN PGP SIGNATURE---Version: PGP 5.0Charset: noconvyhHJRHhGJGhgg/
12EpJ+lo8gE4vB3mqJhFEvZP9t6n7G6m5Gw2
---END PGP SIGNATURE---
A PGP signed message:
-----BEGIN PGP MESSAGE-----
Version: PGP 5.0
u2R4d+/jKmn8Bc5+hgDsqAewsDfrGdszX68liKm5F6Gc4sDfcXyt
RfdSlOjuHgbcfDssWe7/K=lKhnMikLo0+l/BvcX4t==Ujk9PbcD4
Thdf2awQfgHbnmKlok8iy6gThlp
-----END PGP MESSAGE
A secret PGP message:
Khaled Mahbub, IICT, BUET, 2008 ICT 6621 : Advanced Networking
Outline• Network Security Concepts
• Principles of cryptography
• Authentication
• Integrity
• Key Distribution and certification
• Security in different layers– E-Mail Security (Application)– Web Security
• SSL – The Secure Sockets Layer (Application-Transport)– Communication Security (Network/Data Link)
• IPSec• Firewalls
Khaled Mahbub, IICT, BUET, 2008 ICT 6621 : Advanced Networking
Secure Sockets Layer (SSL)
• transport layer security to any TCP-based application using SSL services.
• used between Web browsers, servers for e-commerce (https).
• security services:– server authentication
– data encryption
– client authentication (optional)
• server authentication:– SSL-enabled browser
includes public keys for trusted CAs.
– Browser requests server certificate, issued by trusted CA.
– Browser uses CA’s public key to extract server’s public key from certificate.
• Do it yourself: check your browser’s security menu to see its trusted CAs.
Khaled Mahbub, IICT, BUET, 2008 ICT 6621 : Advanced Networking
SSL
Encrypted SSL session:• Browser generates
symmetric session key, encrypts it with server’s public key, sends encrypted key to server.
• Using private key, server decrypts session key.
• Browser, server know session key– All data sent into TCP
socket (by client or server) encrypted with session key.
• SSL: basis of IETF Transport Layer Security (TLS).
• SSL can be used for non-Web applications, e.g., IMAP.
• Client authentication can be done with client certificates. (if needed)
Khaled Mahbub, IICT, BUET, 2008 ICT 6621 : Advanced Networking
Outline• Network Security Concepts
• Principles of cryptography
• Authentication
• Integrity
• Key Distribution and certification
• Security in different layers– E-Mail Security (Application)– Web Security
• SSL – The Secure Sockets Layer (Application-Transport)
– Communication Security (Network/Data Link)• IPSec• Firewalls
Khaled Mahbub, IICT, BUET, 2008 ICT 6621 : Advanced Networking
IPsec: Network Layer Security
• Network-layer secrecy: – sending host encrypts the data in
IP datagram– TCP and UDP segments; ICMP
and SNMP messages.
• Network-layer authentication– destination host can authenticate
source IP address
• Two principle protocols:– authentication header (AH)
protocol (authentication, integrity)– encapsulation security payload
(ESP) protocol (authentication, integrity, secrecy)
• For both AH and ESP, source, destination handshake:– create network-layer
logical channel called a security association (SA)
• Each SA unidirectional.• Uniquely determined by:
– security protocol (AH or ESP)
– source IP address– 32-bit connection ID
Khaled Mahbub, IICT, BUET, 2008 ICT 6621 : Advanced Networking
Authentication Header (AH) Protocol
• provides source authentication, data integrity, no confidentiality
• AH header inserted between IP header, data field.
• protocol field: 51
• intermediate routers process datagrams as usual
AH header includes:• connection identifier (Security
Parameter Index, SPI)• authentication data: source-
signed message digest calculated over original IP datagram.
• next header field: specifies type of data (e.g., TCP, UDP, ICMP)
IP header data (e.g., TCP, UDP segment)AH header
Khaled Mahbub, IICT, BUET, 2008 ICT 6621 : Advanced Networking
ESP Protocol
• provides secrecy, host authentication, data integrity.
• next header field is in ESP trailer.
• data, ESP trailer encrypted.
• ESP authentication field is similar to AH authentication field.
• Protocol = 50.
IP header TCP/UDP segmentESP
headerESP
trailerESP
authent.
encryptedauthenticated
Khaled Mahbub, IICT, BUET, 2008 ICT 6621 : Advanced Networking
Outline• Network Security Concepts
• Principles of cryptography
• Authentication
• Integrity
• Key Distribution and certification
• Security in different layers– E-Mail Security (Application)– Web Security
• SSL – The Secure Sockets Layer (Application-Transport)
– Communication Security (Network/Data Link)• IPSec• Firewalls
Khaled Mahbub, IICT, BUET, 2008 ICT 6621 : Advanced Networking
Firewalls• isolates organization’s
internal net from larger Internet, allowing some packets to pass, blocking others.
administerednetwork
publicInternet
firewallFirewalls: Whyprevent denial of service attacks:
– flooding: attacker establishes many bogus TCP connections, no resources left for “real” connections.
prevent illegal modification/access of internal data.– e.g., attacker replaces CIA’s homepage with something else
allow only authorized access to inside network (set of authenticated users/hosts)
Khaled Mahbub, IICT, BUET, 2008 ICT 6621 : Advanced Networking
Firewalls
• Typical configuration of firewall:– Two routers that
do packet filtering. These are standard routers equipped with some extra functionality.
– An application gateway that operates at the application level.
administered
network
publicInternet
Packet filteringrouter
Packet filteringrouter
Application gateway
Khaled Mahbub, IICT, BUET, 2008 ICT 6621 : Advanced Networking
Packet Filtering
• internal network connected to Internet via router firewall• router filters packet-by-packet, decision to forward/drop
packet based on:– source IP address, destination IP address– TCP/UDP source and destination port numbers– ICMP message type– TCP SYN and ACK bits
Should arriving packet be allowed
in? Departing packet let out?
Khaled Mahbub, IICT, BUET, 2008 ICT 6621 : Advanced Networking
Packet Filtering• Example 1: block incoming and outgoing datagrams with
IP protocol field = 17 and with either source or destination port = 23.– All incoming and outgoing UDP flows and telnet
connections are blocked.• Example 2: Block inbound TCP segments with ACK=0.
– Prevents external clients from making TCP connections with internal clients, but allows internal clients to connect to outside.
Khaled Mahbub, IICT, BUET, 2008 ICT 6621 : Advanced Networking
Application Gateways• Filters packets on application
data as well as on IP/TCP/UDP fields.
• Example: allow select internal users to telnet outside.
1. Require all telnet users to telnet through gateway.2. For authorized users, gateway sets up telnet connection to
destination host. Gateway relays data between 2 connections3. Router filter blocks all telnet connections not originating from
gateway.
host-to-gatewaytelnet session
gateway-to-remote host telnet session
applicationgateway
router and filter
Khaled Mahbub, IICT, BUET, 2008 ICT 6621 : Advanced Networking
Limitations of Firewalls and Gateways
• IP spoofing: router can’t know if data “really” comes from claimed source
• if multiple applications need special treatment, each has own application gateway.
• client software must know how to contact gateway.– e.g., must set IP address
of proxy in Web browser
• filters often use all or nothing policy for UDP.
• tradeoff: degree of communication with outside world, level of security
• many highly protected sites still suffer from attacks.
Khaled Mahbub, IICT, BUET, 2008 ICT 6621 : Advanced Networking
Reading Material• Chapter 7 – text3 (Kurose)
• Chapter 8 – text2 (Tanenbaum)
Khaled Mahbub, IICT, BUET, 2008 ICT 6621 : Advanced Networking
Notice• Mid term 2 exam marks are available at,
http://teacher.buet.ac.bd/khaledmahbub/ANT_Exam_Marks.html
Bonus Marks:– Old Marking Scheme
• Mid Term 1 30%• Mid Term 2 30%• Final Exam 40%
– New Marking Scheme• Mid Term 1 25%• Mid Term 2 25%• Attendance 10%• Final Exam 40%