1 / 58

Lecture 24 Secure Communications

Lecture 24 Secure Communications. CS 450/650 Fundamentals of Integrated Computer Security. Slides are modified from Ian Goldberg. Who Attacks Networks. Hackers break into organizations from the outside Challenge Fame Money & Espionage Ideology

boris
Download Presentation

Lecture 24 Secure Communications

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Lecture 24Secure Communications CS 450/650 Fundamentals of Integrated Computer Security Slides are modified from Ian Goldberg

  2. Who Attacks Networks • Hackers break into organizations from the outside • Challenge • Fame • Money & Espionage • Ideology • However, most security breaches are internal, by employees and ex-employees 2 CS 450/650 – Lecture 24: Secure Communications

  3. Threat Precursors • Port Scan • Social Engineering • Reconnaissance • Bulletin Board / Chat • Docs • Packet Sniffers (telnet/ftp in cleartext) 3 CS 450/650 – Lecture 24: Secure Communications

  4. Network Security Threats • Interception • If interceptor cannot read, have confidentiality (privacy) • If cannot modify without detection, have message integrity 4 CS 450/650 – Lecture 24: Secure Communications

  5. Network Security Threats • Impostors (Spoofing/ Masquerade) • Claim to be someone else • Need to authenticate the sender--prove that they are who they claim to be Impostor True Person 5 CS 450/650 – Lecture 24: Secure Communications

  6. Network Security Threats • Remotely Log in as Root User • Requires cracking the root login password • Then control the machine • Read and/or steal information • Damage data (erase hard disk) • Create backdoor user account that will let them in easily later Root Login Command 6 CS 450/650 – Lecture 24: Secure Communications

  7. Security Threats • Content Threats • Application layer content may cause problems • Viruses • In many ways, most severe security problem in corporations today • Must examine application messages 7 CS 450/650 – Lecture 24: Secure Communications

  8. Replay Attack • First, attacker intercepts a message • Not difficult to do 8 CS 450/650 – Lecture 24: Secure Communications

  9. Replay Attack • Later, attacker retransmits (replays) the message to the original destination host • Does not have to be able to read a message to replay it 9 CS 450/650 – Lecture 24: Secure Communications

  10. Replay Attack • Why replay attacks? • To gain access to resources by replaying an authentication message • In a denial-of-service attack, to confuse the destination host 10 CS 450/650 – Lecture 24: Secure Communications

  11. Thwarting Replay Attacks • Put a time stamp in each message to ensure that the message is “fresh” • Do not accept a message that is too old • Place a sequence number in each message • Do not accept a duplicated message Message Time Stamp Sequence Number 11 CS 450/650 – Lecture 24: Secure Communications

  12. Thwarting Replay Attacks • In request-response applications, • Sender of request generates a nonce (random number) • Places the nonce in the request • Server places the nonce in the response • Neither party accepts duplicate nonces Request Response Nonce Nonce 12 CS 450/650 – Lecture 24: Secure Communications

  13. Network Security Threats • Denial of Service (DOS) Attacks • Overload system with a flood of messages • Or, send a single message that crashes the machine 13 CS 450/650 – Lecture 24: Secure Communications

  14. Denial of Service (DOS) Attacks • Transmission Failure • Connection Flooding • Echo-Chargen • Ping of Death • Smurf • Syn Flood • Traffic Redirection • DNS Attacks • Distributed Denial of Service 14 CS 450/650 – Lecture 24: Secure Communications

  15. SSL Integrated Security System • SSL • Secure Sockets Layer • Developed by Netscape • TLS (now) • Netscape gave IETF control over SSL • IETF renamed it TLS (Transport Layer Security) • Usually still called SSL 15 CS 450/650 – Lecture 24: Secure Communications

  16. Location of SSL • Below the Application Layer • IETF views it at the transport layer • Protects all application exchanges • Not limited to any single application • WWW transactions, e-mail, etc. E-Mail WWW E-Mail WWW SSL SSL 16 CS 450/650 – Lecture 24: Secure Communications

  17. SSL Operation • Browser & Webserver Software Implement SSL • User can be unaware 17 CS 450/650 – Lecture 24: Secure Communications

  18. SSL Operation • SSL ISS Process • Two sides negotiate security parameters • Webserver authenticates itself • Browser may authenticate itself but rarely does • Browser selects a symmetric session key, sends to webserver • Adds a digital signature and encrypts all messages with the symmetric key 18 CS 450/650 – Lecture 24: Secure Communications

  19. Importance of SSL • Supported by Almost All Browsers • De facto standard for Internet application security • Problems • Relatively weak security • Does not involve security on merchant server • Does not validate credit card numbers • Viewed as an available but temporary approach to consumer security 19 CS 450/650 – Lecture 24: Secure Communications

  20. Other ISSs • SSL is merely an example integrated security system • Many other ISSs exist • IPsec • PPP and PPTP • Etc. 20 CS 450/650 – Lecture 24: Secure Communications

  21. Other ISSs • All ISSs have the same general steps • Negotiate security parameters • Authenticate the partners • Exchange a session key • Communicate with message-by-message privacy, authentication, and message integrity 21 CS 450/650 – Lecture 24: Secure Communications

  22. VPNs • IETF developing IPsec security standards • IP security • At the internet layer • Protects all messages at the transport and application layers E-Mail, WWW, Database, etc. TCP UDP IPsec 22 CS 450/650 – Lecture 24: Secure Communications

  23. VPNs • IPsec Transport Mode • End-to-end security for hosts Local Network Internet Local Network Secure Communication 23 CS 450/650 – Lecture 24: Secure Communications

  24. VPNs • IPsec Tunnel Mode • IPsec server at each site • Secure communication between sites Local Network Internet Local Network IPsec Server Secure Communication 24 CS 450/650 – Lecture 24: Secure Communications

  25. VPNs • IPsec Modes Can be Combined • End-to-end transport mode connection • Within site-to-site tunnel connection Local Network Internet Local Network Tunnel Mode Transport Mode 25 CS 450/650 – Lecture 24: Secure Communications

  26. VPNs • Another Security System for VPNs is the Point-to-Point Tunneling Protocol (PPTP) • For dial-up connections, based on PPP • Connects user with securely to a remote access server at a site Dial-Up Connection Local Network Internet PPTP Connection Remote Access Server 26 CS 450/650 – Lecture 24: Secure Communications

  27. IPsec • IPsec (IP security) • Security for transmission over IP networks • The Internet • Internal corporate IP networks • IP packets sent over public switched data networks (PSDN) Local Network Local Network Internet 27 CS 450/650 – Lecture 24: Secure Communications

  28. IPsec • Why do we need IPsec? • IP has no security • Add security to create a virtual private network (VPN) to give secure communication over the Internet or another IP network Local Network Local Network Internet 28 CS 450/650 – Lecture 24: Secure Communications

  29. IPsec • Genesis • Being created by the Internet Engineering Task Force • For both IP version 4 and IP version 6 29 CS 450/650 – Lecture 24: Secure Communications

  30. IPsec • Two Modes of operation • Tunnel Mode • IPsec server at each site • Secures messages going through the Internet Local Network Internet Local Network IPsec Server Secure Communication 30 CS 450/650 – Lecture 24: Secure Communications

  31. IPsec • Tunnel Mode • Hosts operate in their usual way • Tunnel mode IPsec is transparent to the hosts • No security within the site networks Local Network Internet Local Network IPsec Server Secure Communication 31 CS 450/650 – Lecture 24: Secure Communications

  32. IPsec • Two Modes of operation • Transport Mode • End-to-end security between the hosts • Security within site networks as well • Requires hosts to implement IPsec Local Network Internet Local Network Secure Communication 32 CS 450/650 – Lecture 24: Secure Communications

  33. IPsec • Transport Mode • Adds a security header to IP packet • After the main IP header • Source and destination addresses of hosts can be learned by interceptor • Only the original data field is protected Original IP Header Transport Security Header Protected Original Data Field 33 CS 450/650 – Lecture 24: Secure Communications

  34. IPsec • Tunnel Mode • Adds a security header before the original IP header • Has IP addresses of the source and destination IPsec servers only, not those of the source and destination hosts • Protects the main IP header Tunnel Security Header Protected Original IP Header Protected Original Data Field 34 CS 450/650 – Lecture 24: Secure Communications

  35. IPsec • Can combine the two modes • Transport mode for end-to-end security • Plus tunnel mode to hide the IP addresses of the source and destination hosts during passage through the Internet Local Network Internet Local Network Tunnel Mode Transport Mode 35 CS 450/650 – Lecture 24: Secure Communications

  36. IPsec • Two forms of protection • Encapsulating Security Protocol (ESP) security provides confidentiality as well as authentication • Authentication Header (AH) security provides authentication but not confidentiality • Useful where encryption is forbidden by law • Provides slightly better authentication by providing authentication over a slightly larger part of the message, but this is rarely decisive 36 CS 450/650 – Lecture 24: Secure Communications

  37. IPsec • Modes and protection methods can be applied in any combination 37 CS 450/650 – Lecture 24: Secure Communications

  38. IPsec • Security Associations (SAs) are agreements between two hosts or two IPsec servers, depending on the mode • “Contracts” for how security will be performed • Negotiated • Governs subsequent transmissions Negotiate Security Association Host A Host B 38 CS 450/650 – Lecture 24: Secure Communications

  39. IPsec • Security Associations (SAs) can be asymmetrical • Different strengths in the two directions • For instance, clients and servers may have different security needs SA for messages From A to B Host A Host B SA for messages From B to A 39 CS 450/650 – Lecture 24: Secure Communications

  40. Security Association Negotiations Limited By Policies IPsec • Policies may limit what SAs can be negotiated • To ensure that adequately strong SAs for the organization’s threats • Gives uniformity to negotiation decisions Host A Host B 40 CS 450/650 – Lecture 24: Secure Communications

  41. IPsec • First, two parties negotiate IKE (Internet Key Exchange) Security Associations • IKE is not IPsec-specific • Can be used in other security protocols Communication Governed by IKE SA Host A Host B 41 CS 450/650 – Lecture 24: Secure Communications

  42. IPsec • Under the protection of communication governed by this IKE SA, negotiate IPsec-specific security associations Communication Governed by IKE SA Host A Host B IPsec SA Negotiation 42 CS 450/650 – Lecture 24: Secure Communications

  43. IPsec • Process of Creating IKE SAs (and other SAs) • Negotiate security parameters within policy limitations • Authenticate the parties using SA-agreed methods • Exchange a symmetric session key using SA-agreed method • Communicate securely with confidentiality, message-by-message authentication, and message integrity using SA-agreed method 43 CS 450/650 – Lecture 24: Secure Communications

  44. IPsec • IPsec has mandatory security algorithms • Uses them as defaults if no other algorithm is negotiated • Other algorithms may be negotiated • But these mandatory algorithms MUST be supported 44 CS 450/650 – Lecture 24: Secure Communications

  45. PKIs • To use public key methods, an organization must establish a comprehensive Public Key Infrastructure (PKI) • A PKI automates most aspects of using public key encryption and authentication • Uses a PKI Server PKI Server 45 CS 450/650 – Lecture 24: Secure Communications

  46. PKIs • PKI Server Creates Public Key-Private Key Pairs • Distributes private keys to applicants securely • Often, private keys are embedded in delivered software Private Key PKI Server 46 CS 450/650 – Lecture 24: Secure Communications

  47. PKIs • PKI Server Provides CRL Checks • Distributes digital certificates to verifiers • Checks certificate revocation list before sending digital certificates Digital Certificate PKI Server 47 CS 450/650 – Lecture 24: Secure Communications

  48. PKIs • CRL (Certificate Revocation List) Checks • If applicant gives verifier a digital certificate, • The verifier must check the certificate revocation list CRL PKI Server OK? OK or Revoked 48 CS 450/650 – Lecture 24: Secure Communications

  49. Integrated Security System • When two parties communicate … • Their software usually handles the details • First, negotiate security methods • Then, authenticate one another • Then, exchange symmetric session key • Then can communicate securely using symmetric session key and message-by-message authentication 49 CS 450/650 – Lecture 24: Secure Communications

  50. Multi-Layer Security • Security Can be Applied at Multiple Layers Simultaneously • Application layer security for database, e-mail, etc. • Transport layer: SSL • Internet layer: IPsec • Data link layer: PPTP, L2TP • Physical layer: locks 50 CS 450/650 – Lecture 24: Secure Communications

More Related