l0. introduction
DESCRIPTION
L0. Introduction. Rocky K. C. Chang , January 2013. The Internet is inherently insecure. Internet backbone infrastructure: DoS , worm Routing protocols (BGP): route hijacking DNS: poisoning, DoS - PowerPoint PPT PresentationTRANSCRIPT
L0. Introduction
Rocky K. C. Chang, January 2013
The Internet is inherently insecure.
2Rocky K. C. Chang
Internet backbone infrastructure: DoS, worm Routing protocols (BGP): route hijacking DNS: poisoning, DoS Core Internet protocols (e.g., IP, TCP/UDP, HTTP):
eavesdropping, modification, authentication LAN security: eavesdropping, modification,
authentication Host security (e.g., Web servers, database): DoS,
authentication, phishing, malicious software implant, identity and data theft, data exfiltration, etc.
Internet security is inherently complex.
3Rocky K. C. Chang
A packet goes through many hops and links. Involve from the physical layer and up.
Physical layer security Network security System security Application security
Complexity in software and protocols Software ages Some protocol fields are never tested.
The weakest link The human factor The success of Internet makes things worse. Security verses privacy (anonymity) How to measure security?
Internet security is more than cryptography.
4Rocky K. C. Chang
Cryptography is not the solution to many security problems, e.g., software exploit, DoS.
The vulnerability could come from the implementations of the cryptographic algorithms.
Cryptography affects performance. Ease of use
Security involves
5Rocky K. C. Chang
Threats: potential violation of security Policies
Security policies: trust and access control Confidentiality policies: The Bell-LaPadula model Integrity policies: Clark-Wilson integrity model Hybrid policies: Chinese Wall models
Design and implementation Identity representation, access control lists, information
flow, etc Encryption and key management Authentication (human, user account, machine, service)
Security involves
6Rocky K. C. Chang
How to ascertain how well a system meets its security goals? Assurance, system evaluation (TCSEC)
Miscellaneous, e.g., Viruses, worms, software security Auditing Intrusion detection System security Network security User security
This course is not about
7Rocky K. C. Chang
Cryptography, the art of secret writing, Writing computer viruses and worms, Special techniques of attacking and defending, The lower layer security measures, System security, Biometrics, Application-specific security …
This course is about
8Rocky K. C. Chang
Understand the 3 fundamental cryptographic functions used in network security.
Understand the issues involved when applying the cryptographic functions to the network protocols.
Understand the main elements in securing today’s Internet infrastructure.
Exposed to some current Internet security problems.
Purposes of network security
9Rocky K. C. Chang
Confidentiality (or secrecy): Prevent others from reading information shared between two participants.
Authentication: Verify someone’s or something’s identity. Message integrity: Assure that the message received has
not be altered since it was generated by a legitimate source.
Nonrepudiation: A sender should not be able to falsely deny later that he sent a message.
Legitimate (and authorized) usage: Ensure that the network and system resources are properly utilized.
Possible threats
10Rocky K. C. Chang
Obtaining information for … Secrecy, authentication
Modifying information for … Authentication, message integrity
Stealing information for … Secrecy, authentication, legitimate usage
Lying electronically for … Nonrepudiation
Backmail for … Secrecy, legitimate usage, message integrity
Revenge for … Legitimate usage, message integrity
Testing for … Legitimate usage, message integrity
Contracted for … Secrecy, authentication, legitimate usage, message integrity
Fun for … Secrecy, authentication, legitimate usage, message integrity
The goals of security
11Rocky K. C. Chang
Prevention: Confidentiality, source authentication, nonrepudiation, and
legitimate usage Active countermeasures
Detection: Message authentication, nonrepudiation, and legitimate usage Active and passive countermeasures
Recovery: Legitimate usage Rely on the detection.
Traceback: Locate the actual attack source(s).
Scope of considerations
12Rocky K. C. Chang
Two cases The secrecy, message integrity, authentication, and
nonrepudiation services are provided by some cryptographic functions.
Denial-of-service, worms, viruses, etc Scope:
Concern mainly communication between two parties (group communication security is another important topic).
Concern attacks against protocols, not those against cryptographic algorithms or cryptographic techniques used to implement the algorithms.
Cryptography
13Rocky K. C. Chang
Plaintext (encryption) ciphertext Ciphertext (decryption) plaintext What is the secret?
The cryptographic algorithm (restricted algorithm) The cryptographic algorithm is not a secret, but the key is.
Level of security the length of the key the time of discovering the key using brute force
The security problem is reduced to the securing of the key.
Types of attacks
14Rocky K. C. Chang
Passive attacks (eavesdropping), e.g., ciphertext-only attacks (recognizable plaintext attacks)
Fred has seen some ciphertext. known-plaintext attacks
Fred has obtained some <plaintext, ciphertext> pairs. chosen-plaintext attacks
Fred can choose any plaintext he wants. Active attacks, e.g.,
pretend to be someone else introduce new messages in the protocol delete existing messages substituting one message for another replay old messages
Three cryptographic functions Hash functions: require 0 key Secret key functions: require 1 key Public key functions: require 2 keys
Secret keyfunctions
Public keyfunctions
Hashfunctions
Secrecyservice
Authenticationservice
Messageintegrity service
Nonrepudiationservice
15Rocky K. C. Chang
Secret key (symmetric) cryptography
16Rocky K. C. Chang
Given: Alice and Bob agree on a secret key cryptosystem. Alice and Bob agree on a key (secret) K.
Encryption and decryption using the key. Alice encrypts M with K: K{M} Bob decrypts K{M} with K M
Problems: Keys must be distributed in secret. Compromising keys means compromising all aspects of security. The number of keys is not scalable to the user population size.
Usages of the secret key cryptography Transmitting over an insecure channel Secure storage on insecure media Authentication:
Challenge-response authentication with shared secret
Message integrity check
rA
rB encrypted with K
rA encrypted with K
rB
Alice Bob
17Rocky K. C. Chang
Public key (asymmetric) cryptography
18Rocky K. C. Chang
Given: Alice and Bob agree on a public key cryptosystem. Alice owns a pair of public key and private key, and Bob
knows Alice’s public key, which is not a secret. Encryption using the public key and decryption using
the private key. Alice encrypts M with Bob’s public key: {M}Bob
Bob decrypts {M}Bob with its private key M Generate a digital signature on a message:
Alice signs M with its private key: [M]Alice.
Bob verifies Alice’s signature on [M]Alice with Alice’s public key.
Usages of the public key cryptography Problems:
Public-key algorithms are slow. Secret key algorithms are at least 1,000 times faster.
Obtain the public key reliably. Usages:
Transmitting over an insecure channel Secure storage on insecure media (difference as compared with the secret key
cryptography?) Authentication:
Nonrepudiation with the digital signatures.
r encrypted with Bob’s public key
decrypted with Bob’s private key
Alice Bob
19Rocky K. C. Chang
Hash functions
20Rocky K. C. Chang
A hash (message digest or one-way function) produces a short, fixed-sized output h(m) for a message m.
Properties: One-way functions are relatively easy to compute, i.e.,
given x and compute h(x). However, given h(x), it is significantly harder to compute
x. It is computationally infeasible to find two inputs that hash
to the same value.
Usages of hash functions
21Rocky K. C. Chang
Password hashing Message integrity
Keyed hash: compute h(message | key) and send the result with the message.
Message fingerprinting Downline load security Digital signature efficiency
Securing the Internet
22Rocky K. C. Chang
IP Security (IPSec) TCP and UDP insecurity SSL/TLS DNS security Firewalls DoS attacks and the countermeasures Buffer overflow attacks and the
countermeasures Wireless LAN security
Acknowledgments
23Rocky K. C. Chang
This set of notes is based on C. Kaufman, R. Perlman, and M. Speciner, Network
Security: Private Communication in Public World, Second Edition, Prentice Hall PTR, 2002.
L. Peterson and B. Davie, Computer Networks: A Systems Approach, Morgan Kaufmann, 2000.
B. Schneier. Applied Cryptography, Second Edition, Wiley, 1996.
M. Bishop, Introduction to Computer Security, Addison Wesley, 2005.