
Net-Centric Computing Division Department of Computer Science Bogor Agricultural University

KOM 312 Komunikasi Data dan Jaringan Komputer. Basic of Network Security. Sri Wahjuni my_juni04(at)ipb.ac.id; my_juni04(at)yahoo.com.


Presentation Transcript


  1. Net-Centric Computing Division, Department of Computer Science, Bogor Agricultural University • KOM 312 Komunikasi Data dan Jaringan Komputer • Basic of Network Security • Sri Wahjuni • my_juni04(at)ipb.ac.id; my_juni04(at)yahoo.com

  2. agenda • Network Security Threats • Security and Cryptography • Network Security Protocols swj/11

  3. background • The combination of low-cost powerful computing and high-performance networks is a two-edged sword: • Many powerful new services and applications are enabled • But computer systems and networks become highly susceptible to a wide variety of security threats • Network security involves countermeasures to protect computer systems from intruders • Firewalls, security protocols, security practices

  4. agenda • Network Security Threats • Security and Cryptography • Network Security Protocols

  5. Threats, Security Requirements, and Countermeasures • Network Security Threats • Eavesdropping, man-in-the-middle, client and server imposters • Denial of Service attacks • Viruses, worms, and other malicious code • Network Security Requirements • Privacy, Integrity, Authentication, Non-Repudiation, Availability • Countermeasures • Communication channel security • Border security

  6. Security Requirements • Security threats motivate the following requirements: • Privacy/confidentiality: information should be readable only by the intended recipient • Integrity: recipient can confirm that a message has not been altered during transmission • Authentication: it is possible to verify that sender or receiver is who he claims to be • Non-repudiation: sender cannot deny having sent a given message • Availability: of information and services

  7. Threats: Eavesdropping [Figure labels: Client, Server, Request, Response, replay] • Information transmitted over network can be observed and recorded by eavesdroppers (using a packet sniffer) • Information can be replayed in attempts to access server • Requirements: privacy, authentication, non-repudiation

  8. Threats: Client Imposter [Figure labels: Server, Client, Imposter] • Imposters attempt to gain unauthorized access to server • Ex. bank account or database of personal records • For example, in IP spoofing the imposter sends packets with a false source IP address • Requirements: privacy, authentication

  9. Server Imposter [Figure labels: Server, Imposter, Client] • An imposter impersonates a legitimate server to gain sensitive information from a client • E.g. bank account number and associated user password • Requirements: privacy, authentication, non-repudiation

  10. Threats: Man in the middle attack [Figure labels: Man in the middle, Client, Server] • An imposter manages to place itself as man in the middle • convincing the server that it is the legitimate client • convincing the legitimate client that it is the legitimate server • gathering sensitive information and possibly hijacking the session • Requirements: integrity, authentication

  11. Threats: Denial of Service Attack [Figure labels: Server, Attacker] • Attacker can flood a server with requests, overloading the server resources • Results in denial of service to legitimate clients • Distributed denial of service attack on a server involves coordinated attack from multiple (usually hijacked) computers • Requirement: availability

  12. Threats: Malicious Code [Figure labels: Server, Imposter, Client] • A client becomes infected with malicious code • Opening attachments in email messages • Executing code from bulletin boards or other sources • Virus: code that, when executed, inserts itself in other programs • Worms: code that installs copies of itself in other machines attached to a network • Many variations of malicious code • Requirements: privacy, integrity, availability

  13. Countermeasures Secure communication channels • Encryption • Cryptographic checksums and hashes • Authentication • Digital Signatures

  14. Countermeasures (2) Secure borders • Firewalls • Virus checking • Intrusion detection • Authentication • Access Control

  15. agenda • Network Security Threats • Security and Cryptography • Network Security Protocols

  16. Cryptography • Encryption: transformation of plaintext message into encrypted (and unreadable) message called ciphertext • Decryption: recovery of plaintext from ciphertext • Cipher: algorithm for encryption & decryption • A secret key is required to perform encryption & decryption

  17. Cryptography • Conventional: • Substitution Cipher • Transposition Cipher • Modern (using mathematical methods): • Secret/symmetric key • Public key • Cryptographic checksum and hash

  18. Substitution Ciphers • Substitution Cipher: Map each letter or numeral into another letter or numeral:

      plain:  a b c d e f g h i j k l m n o p q r s t u v w x y z
      cipher: z y x w v u t s r q p o n m l k j i h g f e d c b a

      • Example: security → hvxfirgb • Substitution ciphers are easy to break • Take histogram of frequency of occurrence of letters in a ciphertext message • Match to known frequencies of letters

  19. Transposition Cipher • Transposition Cipher: Rearrange order of letters/numerals in a message using a particular rearrangement: • interchange character k with character k+1 • Example: security → esuciryt • Transposition ciphers are easy to break • Suppose plaintext and ciphertext are known • Matching of letters in plaintext and ciphertext will reveal transposition mapping
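The two ciphers from slides 18 and 19, with the two breaks the slides name (letter histogram, known plaintext), as an added Python example that is not part of the original slides. The function names and the sample sentence are constructed for illustration.

```python
from collections import Counter
import string

ALPHABET = string.ascii_lowercase
# Slide 18 table: a<->z, b<->y, ... (the alphabet reversed)
SUBSTITUTION = str.maketrans(ALPHABET, ALPHABET[::-1])
SAMPLE = "the server sees the secret"  # constructed sample plaintext


def substitute(text):
    """Apply the slide's substitution table (it is its own inverse)."""
    return text.translate(SUBSTITUTION)


def transpose(text):
    """Slide 19 rule: interchange character k with character k+1."""
    chars = list(text)
    for k in range(0, len(chars) - 1, 2):
        chars[k], chars[k + 1] = chars[k + 1], chars[k]
    return "".join(chars)


def histogram(ciphertext):
    """Letter counts of a ciphertext, most frequent first. The shape of the
    histogram survives substitution, which is what makes matching possible."""
    return Counter(c for c in ciphertext if c in ALPHABET).most_common()


def recover_transposition(plaintext, ciphertext):
    """Known plaintext/ciphertext pair: for each ciphertext position, find the
    plaintext position it came from. The known plaintext must not repeat
    letters, so that every match is unambiguous."""
    if len(set(plaintext)) != len(plaintext):
        raise ValueError("known plaintext must not repeat letters")
    return [plaintext.index(c) for c in ciphertext]


def apply_mapping(mapping, text):
    """Re-apply a recovered mapping to another message of the same length."""
    return "".join(text[i] for i in mapping)


if __name__ == "__main__":
    print(substitute("security"), transpose("security"))
    print(histogram(substitute(SAMPLE))[:3])
    print(recover_transposition("security", transpose("security")))
```

The most frequent ciphertext letter in the sample is the image of `e`, the most frequent plaintext letter, and the mapping recovered from one known pair reproduces the cipher on any other eight-letter message.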

  20. Secret/symmetric Key Cryptography [Figure: Plaintext P → Encryption E_K(.) with Key K → Ciphertext C = E_K(P) → Decryption D_K(.) with Key K → Plaintext P] • Sender encrypts P by applying mapping E_K which depends on secret key K: C = E_K(P) • Receiver decrypts C by applying inverse mapping D_K which also depends on K: D_K(E_K(P)) = P • Examples of symmetric key methods: • Data Encryption Standard (DES) and Triple DES • Advanced Encryption Standard (AES)

  21. Security using Secret Key Cryptography • Privacy: secret key renders messages confidential • Integrity: alteration of the ciphertext will be detected, because the decrypted message will be gibberish • When privacy is not required, encryption of the entire message is overkill because much processing is involved • We will see that cryptographic checksums provide integrity and require less processing

  22. Cryptographic Checksums and Hashes [Figure labels: Message, CryptoChk, P, K, Crypto Checksum Calculator, H_K(P)] • Transmitter calculates a fixed number of bits (crypto checksum/hash) that depends on secret key K: H_K(P) • Receiver recalculates hash from received message & compares to received hash • Example: MD5, SHA-1
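An added example (not from the original slides) of the exchange on slide 22: the transmitter sends P together with H_K(P), and the receiver recomputes the checksum and compares. It uses HMAC-SHA-256 from the Python standard library in place of the MD5 and SHA-1 named on the slide; the key, the messages and the function names are constructed.

```python
import hashlib
import hmac

KEY = b"constructed-demo-key-K"  # constructed shared secret K, demo only


def crypto_checksum(key, message):
    """H_K(P): a fixed number of bits that depends on the message and on K."""
    return hmac.new(key, message, hashlib.sha256).digest()


def transmit(key, message):
    """Transmitter side: send P together with H_K(P)."""
    return message, crypto_checksum(key, message)


def receive(key, message, tag):
    """Receiver side: recompute H_K(P) and compare in constant time."""
    return hmac.compare_digest(crypto_checksum(key, message), tag)


def unkeyed_check(message, digest):
    """Contrast case: a plain hash that does not depend on K."""
    return hmac.compare_digest(hashlib.sha256(message).digest(), digest)


def demo():
    original = b"transfer 100 to account 42"  # constructed sample message
    altered = b"transfer 900 to account 42"
    msg, tag = transmit(KEY, original)
    return {
        "genuine message": receive(KEY, msg, tag),
        "altered message, original tag": receive(KEY, altered, tag),
        # Without K, whoever altered the message cannot produce a valid tag.
        "altered message, tag made with another key": receive(
            KEY, altered, crypto_checksum(b"not-the-key", altered)),
        # A hash without a key can simply be recomputed over the altered text.
        "altered message, recomputed plain hash": unkeyed_check(
            altered, hashlib.sha256(altered).digest()),
    }


if __name__ == "__main__":
    for case, accepted in demo().items():
        print(f"{case}: {'accepted' if accepted else 'rejected'}")
```

Only the last case is accepted after alteration, which is why the checksum on the slide depends on the secret key K rather than on the message alone.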

  23. Public Key Cryptography [Figure: Plaintext P → Encryption E_K1(.) with Public key K1 → Ciphertext C = E_K1(P) → Decryption D_K2(.) with Private key K2 → Plaintext P] • Public key cryptography provides privacy using two different keys: • Public key K1 available to all for encrypting messages to a certain user: C = E_K1(P) • Private key K2 for user to decrypt messages: P = D_K2(E_K1(P)) • Example: RSA public key cryptography • Implementation: authentication, digital signature

  24. Digital signatures using Public Key Cryptography • Digital signatures provide non-repudiation • User “signs” a message that cannot be repudiated • Digital signature obtained as follows: • Transmitter obtains a hash of the message • Transmitter encrypts the hash using its private key; result is the digital signature • Transmitter sends message and signature • To check the signature: • Receiver obtains hash of message • Receiver decrypts signature using sender’s public key • Receiver compares hash computed from message and hash obtained from signature • Procedure also ensures message integrity
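The signing and checking steps of slide 24, as an added example that is not from the original slides. It uses textbook RSA with a small constructed key and no padding so that it runs with the standard library alone; the key values and function names are assumptions for illustration, and a real system would use a vetted library with a padded signature scheme.

```python
import hashlib

# Constructed toy key pair: two known Mersenne primes. Far too small and too
# structured for real use; chosen only so the arithmetic is easy to follow.
P, Q = 2**89 - 1, 2**107 - 1
N = P * Q                                   # public modulus
E = 65537                                   # public exponent  (public key)
D = pow(E, -1, (P - 1) * (Q - 1))           # private exponent (private key)


def message_hash(message):
    """Hash of the message, reduced so it fits below the toy modulus."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % N


def sign(message, d=D, n=N):
    """Transmitter: hash the message, then transform the hash with the
    private key. The result is the digital signature."""
    return pow(message_hash(message), d, n)


def verify(message, signature, e=E, n=N):
    """Receiver: hash the received message, recover the hash from the
    signature with the sender's public key, and compare the two."""
    return pow(signature, e, n) == message_hash(message)


def demo():
    message = b"I agree to pay 100"         # constructed sample message
    signature = sign(message)
    return {
        "message as signed": verify(message, signature),
        "altered message": verify(b"I agree to pay 900", signature),
        "altered signature": verify(message, (signature + 1) % N),
    }


if __name__ == "__main__":
    print(demo())
```

Only the holder of the private exponent can produce a value that verifies under the public key, which is the basis of the non-repudiation claim, and the altered-message case shows the integrity property from the slide's last bullet.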

  25. Secret Key vs. Public Key • Public key systems have more capabilities • Secret key: privacy, integrity, authentication • Public key: all of above + digital signature • Public key algorithms are more complex • Require more processing and hence much slower than secret key • Practice: • Use public key method during session setup to establish a session key • Use secret key cryptography during session using the session key

  26. Example: Pretty Good Privacy (PGP) • PGP developed by Philip Zimmermann to provide secure email • http://www.philzimmermann.com/index.shtml • http://www.pgpi.org • Notorious for becoming publicly available for download over Internet in violation of US export restrictions • Uses public key cryptography to provide • Privacy, integrity, authentication, digital signature • De facto standard for email security • Also provides privacy and integrity for stored files

  27. Key Distribution in Secret Key Systems • Kerberos: authentication service for users to access servers over network • Key distribution center (KDC) has secret key with every user • At login, user supplies ID and password • KDC authenticates user & generates session key • Session key & ticket-granting ticket (TGT) are sent to user encrypted using shared secret key • To access a particular server, user sends request to KDC with server name and TGT • KDC decrypts TGT to recover session key & then returns ticket to client for desired server

  28. Key Distribution in Public Key Systems • In public key systems there is only one pair of keys per user • Key distribution problem: How to determine whether an advertised public key is not from an imposter? • Certification Authority (CA) • Issues digitally signed certificate that provides • User’s name & public key • Certificate serial #, expiration date • Certificates can be stored in publicly accessible directories • To communicate with B, a user contacts the CA to obtain the certificate for B • Users are configured to have the CA’s public key, which they use to verify the digital signature

  29. agenda • Network Security Threats • Security and Cryptography • Network Security Protocols

  30. Direct Connections to Internet • Computers A & B communicate across the Internet • Exposure to eavesdropping, imposters, DoS • Can encrypt some transmitted information • But IP headers need to be visible to routers & hence others • Eavesdropper can gather variety of usage information & deduce nature of interaction • Choice of which layer to apply security: IP, transport, or application layer

  31. Gateway-to-Gateway • Computers A and B have gateways interposed between their internal network and Internet • Gateway can be a firewall • Controls external access to internal network • Packet filtering according to various header fields • IP addresses, port numbers, ICMP types, fields within payload • Secure tunnels can be established between gateways • All internal information including headers can be encrypted

  32. Remote user to Gateway • Mobile host needs access to internal network • Gateway must provide user with access while barring intruders from accessing internal network • May also need to protect identity of mobile user • IP-address of mobile user changes

  33. Firewalls

  34. Firewall Options • Firewalls can operate at different layers • IP-layer filtering cannot operate on payload contents • Circuit-Level Gateways • Direct client-to-server TCP connections not allowed • Relays TCP segments between actual client & actual server • Application-Level Gateways or Proxies • Interposed between actual client and actual server • Performs authentication and determines what features are available to client • Monitors, filters & relays messages

  35. Virtual private networks (VPN) • Common design: implement firewall together with IPsec to create a secure tunnel • single authenticated • providing integrity, secrecy

  36. Protocol Layer Options • Security Services can be provided at different layers of the protocol stack • Data Link Layer security • Point-to-point security between directly-connected devices, e.g. wireless LAN security • IP-Layer security • Security service between IP-layer & Transport layer • End-to-end security across an internet, e.g. IPsec • Transport Layer security • Security service between Transport & Application Layers • E.g. Secure Sockets Layer & Transport Layer Security

  37. Communication Security Services • Integrity Service: information received from network has not been altered during transmission • Authentication Service: the receiver can authenticate that information came from trusted sender • Privacy Service: information is readable only by intended recipient • In applications that require network security, integrity & authentication are essential; privacy is not always justified

  38. Security Association • A Security Association (SA) is a logical simplex connection between two network-layer entities • Two SA’s required for bidirectional secure communication • SA is specified by • A unique identifier • Security services to be used • Cryptographic algorithms to be used • How shared keys will be established • Other attributes such as lifetime • SA negotiated before security service begins

  39. 802.11 security : WEP • Wired Equivalent Privacy (WEP): • host requests authentication from access point • access point sends 128 bit nonce • host encrypts nonce using shared symmetric key (40 bits) • access point decrypts nonce, authenticates host

  40. IP Security (IPsec) • IPsec defined in RFCs 2401, 2402, 2406 • Provides authentication, integrity, confidentiality, and access control at the IP layer • Provides a key management protocol to provide automatic key distribution techniques (Internet key exchange/IKE) • Security service can be provided between a pair of communication nodes, where the node can be a host or a gateway (router or firewall) • Two protocols & two modes to provide traffic security: • Authentication Header and Encapsulating Security Payload • Transport mode or tunnel mode

  41. IPsec Authentication Header [Figure: packet layout IPv4 Header | AH | Upper Layer (e.g., TCP or UDP)] • Authentication header (AH) placed after headers that are examined at every hop • Presence of AH indicated by protocol value = 51 in IPv4 header • Authentication performed over all fields including IP header, except fields that change at every hop
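An added example (not from the original slides) of slide 41: it checks the IPv4 protocol field for the value 51, reads the AH fields as laid out in RFC 2402, and zeroes the IPv4 header fields that change at every hop, as is done before the header is authenticated. The packet and all function names are constructed; IPv4 options are not handled.

```python
import struct

IPPROTO_AH = 51  # protocol value named on the slide


def parse_ipv4_ah(packet):
    """Return the AH fields if the IPv4 header announces AH, else None."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (packet[0] & 0x0F) * 4            # IPv4 header length in bytes
    if ihl < 20 or len(packet) < ihl:
        raise ValueError("bad IPv4 header length")
    if packet[9] != IPPROTO_AH:             # byte 9 is the protocol field
        return None
    ah = packet[ihl:]
    if len(ah) < 12:
        raise ValueError("truncated AH")
    next_header, payload_len, _, spi, seq = struct.unpack("!BBHII", ah[:12])
    ah_len = (payload_len + 2) * 4          # length field: 32-bit words minus 2
    if len(ah) < ah_len:
        raise ValueError("truncated AH")
    return {"next_header": next_header, "spi": spi, "sequence": seq,
            "icv": ah[12:ah_len], "upper_layer": ah[ah_len:]}


def header_for_icv(packet):
    """IPv4 header as it enters the integrity check: the fields routers may
    change in transit (TOS, flags/fragment offset, TTL, checksum) are zeroed."""
    ihl = (packet[0] & 0x0F) * 4
    hdr = bytearray(packet[:ihl])
    hdr[1] = 0                   # type of service
    hdr[6:8] = b"\x00\x00"       # flags + fragment offset
    hdr[8] = 0                   # time to live
    hdr[10:12] = b"\x00\x00"     # header checksum
    return bytes(hdr)


def build_sample(ttl):
    """Constructed packet: IPv4 header (checksum left 0), AH with a 12-byte
    all-zero ICV and next header 6 (TCP), then 4 bytes of upper-layer data."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 48, 1, 0, ttl, IPPROTO_AH, 0,
                     bytes([192, 0, 2, 1]), bytes([198, 51, 100, 2]))
    ah = struct.pack("!BBHII", 6, 4, 0, 0x1000, 1) + bytes(12)
    return ip + ah + b"DATA"


if __name__ == "__main__":
    print(parse_ipv4_ah(build_sample(ttl=64)))
    print(header_for_icv(build_sample(64)) == header_for_icv(build_sample(3)))
```

The same packet seen with TTL 64 and TTL 3 yields an identical header for the integrity check, which is why a receiver several hops away can still verify it.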

  42. Secure Sockets Layer (SSL) • SSL developed by Netscape Communications • Operates on top of TCP • Security services: server authentication, data encryption, client authentication (optional) • Provides secure connections • HTTP, FTP, telnet, … • Electronic ordering & payment; e-mail • SSL 3.0 submitted to IETF for standardization • TLS standardized by IETF (RFC 2246) • Slight differences with SSL 3.0

  43. Transport Layer Security (TLS) [Figure: protocol stack, top to bottom: Handshake Protocol, Change cipher spec Protocol, Alert Protocol and HTTP Protocol; TLS Record Protocol; TCP; IP] • TLS protocols operate at two layers • TLS Record Protocol operates on top of TCP • Protocols on top of TLS Record Protocol • TLS Handshake Protocol • TLS Change Cipher Specification Protocol • TLS Alert Protocol

  44. references • Garcia A.L., Widjaja A. 2004. Networks Communication : Fundamental Concepts and Key Architectures 2nd ed. – Chapter 11. McGraw-Hill Companies, Inc.
