Document Sample
Cryptography_Lecture Powered By Docstoc
					  Network Security

V.T. Raja and James Coakley
   Oregon State University

• Introduction
   – Imperative need for secure communication
      • Increasing # of security incidences
      • Cost of downtime
      • Customer privacy/satisfaction etc.

• Characteristics of a secure communication
• Cryptography
Imperative Need for Secure Communication
       Reported Security Incidents up to 1995
                Source: CERT.ORG
  Slide provided by guest speaker Kris Rosenberg
    Reported Security Incidents 1995 – 2003
      Slide provided by guest speaker Kris Rosenberg
What does CERT do?
Imperative Need for Secure Communication
            Cost of downtime
   Slide provided by guest speaker Kris Rosenberg
General example for today’s lecture

• Assume Bob and Alice are illicit lovers.
• Assume Trudy is Bob‟s spouse
• Alice and Bob could represent:
  – a client and a server
  – 2 servers
  – 2 routers
  – 2 business partners in a B2B transaction
  – a bank and a customer
    Secure Communication

• Characteristics of a secure communication
  – Confidentiality
  – Authentication
  – Message Integrity and non-repudiation
  – Availability and Access Control
• Alice wants the following to be
  – The fact that she is communicating with Bob
  – Timing of communication
  – Frequency of communication
• Only Alice and Bob should be able to
  understand the contents of the transmitted
  message; Should not be understood by
  eavesdropper (Trudy).
 Confidentiality Relies On Cryptography

• Confidentiality often relies on
  cryptographic techniques for encrypting/
  decrypting data using one or more keys to
  encrypt/decrypt data
• We will learn some basics about
  cryptography in today‟s lecture
• Both sender and receiver should be able
  to confirm identity of other party involved
  in communication
  – Confirm that the other party is indeed
    who/what they claim to be
• Authentication relies on authentication
  techniques, several of which rely on
  cryptographic techniques
       Message Integrity and
• Content of communication is not altered
  maliciously or by accident
• Message integrity also relies on
  cryptographic techniques
• Non-repudiation = not denying what was
• Can communication occur in first place?

 Hackers preventing infrastructure from being
 used by legitimate users – e.g., viruses, DoS

• Detect breaches and respond to attacks
           Access Control

• Entities allowed to gain access to resources
  only if they have the appropriate access rights
  (e.g., login ID, passwords, biometric devices)
• Facilitated by firewalls, which provide access
  control based on a per-packet basis, and on a
  per-service basis.
• Provide a degree of isolation and protection
  from those outside of one‟s network
     Network Security – Part 2

• Symmetric Key Cryptography
• Public Key Cryptography
  Symmetric Key Cryptography
• Symmetric Key Cryptography
  –   Caesar Cipher
  –   Monoalphabetic Cipher
  –   Polyalphabetic Cipher
  –   Data Encryption Standard (DES)
  –   Triple DES (3DES)
  –   Advanced Encryption Standard (AES)
• Trusted Intermediaries for symmetric key
  – Key Distribution Center (KDC)
  – Kerberos
           Basic Terminology
• Plain Text
  – Original data – not disguised
• Cipher (Encrypted) Text
  – Disguised data – looks unintelligible to intruder
  – Data disguised using encryption algorithm
• Key
  – A string of #s or characters used as input to
    encryption algorithm to disguise plain text
  – Symmetric Key: Alice and Bob use same key to
    encrypt and decrypt text
Symmetric Key Cryptography
• Caesar Cipher
  – Each letter in plaintext is substituted with letter that is
    K letters later
  – Wrap around is allowed (i.e., z followed by letter a)
  – If K = 3, a in plaintext becomes d in cipher text
               b in plaintext becomes e in cipher text
  – Example: Decrypt the following using a Caesar
    Cipher of K =3; Assume „wrap around‟ is allowed.
      “ere, l oryh brx. Dolfh”
  Once it is known that Caesar cipher is being used, it is
    easy to break the code (only 25 possible key values).
Symmetric Key Cryptography
• Monoalphabetic Cipher
  – Improvement on Caesar Cipher
  – No regular pattern – any letter can be substituted for any other
    letter, as long as each letter has a unique substitute letter, and
    vice versa. Example follows:
  Plain Text:   abcdefghijklmnopqrstuvwxyz
  Cipher Text: m n b v c x z a s d f g h j k l p o i u y t r e w q
  Example: Find cipher text for “Bob, I love you. Alice” using above
    monoalphabetic cipher.
  26! Possible pairings of letters – so breaking code is not as easy as
    in the case of Caesar cipher. Usually statistical analysis of plain
    text language can help in breaking the code faster.
Symmetric Key Cryptography
• Polyalphabetic Encryption
  – Use multiple monoalphabetic/Caesar ciphers
  – Use a specific monoalphabetic/Caesar cipher to
    encode a letter in a specific position in the plain text
  – This implies that same letter appearing in different
    positions in the plaintext might be encoded differently.
  Example: 2 Caesar ciphers; K = 5, K = 19
  For every 5 bits in the plain text use the 2 Caesar
    ciphers in the following pattern: C1, C2, C2, C1, C2
  Example: Using K= 5 and K =19, find cipher text for
    “Bob, I love you.”
Symmetric Key Cryptography
• Data Encryption Standard (DES)
  – Published in 1977, and updated in 1993
  – For commercial and non-classified U.S. Govt. use
  – Encodes plaintext using 56-bit key
  Objective: Scramble data and key so that every bit of
    the cipher text depends on every bit of the data and
    every bit of the key
  – Algorithm: Complex (beyond the scope of the course);
    Decryption works by reversing the algorithm‟s
     How well does DES work?
• In 1997 RSA Data Security Inc., ( A network security
  company) launched a DES challenge contest to crack a
  short phrase (“strong cryptography makes the world a
  safer place”) it had encrypted using a 56-bit DES.
• Winning team took 4 months to decode. It had
  volunteers throughout the Internet to systematically
  explore key space. Claimed 10K cash prize after testing
  only a quarter of the key space (about 18 quadrillion
• In 1999, RSA launched another DES challenge.
• Message was decrypted in little over 22 hours by a
  network of volunteers and a special purpose computer
  called “Deep Crack”. Claimed 250 K cash prize. Not
  bad for a day‟s work?
Symmetric Key Cryptography
• Triple DES (3 DES)
  – If 56-bit DES is considered to be insecure, one can
    simply run the algorithm multiple times, using a
    different key each time
  – DES run three times (with a different 56-bit key at
    beginning of each time DES is run).
• Advanced Encryption Standard (AES)
  – NIST – in Nov 2001 announced successor to DES.
  – AES is also a symmetric key algorithm that processes
    data in 128-bit blocks
  – AES can operate with 128-bit keys, 192-bit keys, and
    256-bit keys
        Trusted Intermediaries
• Disadvantage of Symmetric Key
  – 2 communicating parties have to agree upon their
    secret key ahead of time in a secure manner.
• Since sender and receiver do not meet face to
  face in the networking world , they need a
  trusted intermediary
  – Trusted Intermediaries:
     • Key Distribution Center
     • Kerberos
  Key Distribution Center (KDC)
• A server that shares a different secret
  symmetric key with each registered user.
• KDC knows the secret key of each user, and
  each user can communicate securely with KDC
  using this key.
• Assume Alice and Bob use KDC for their
  – Assume Alice‟s secret key known to Alice and KDC is
  – Assume Bob‟s secret key known to Bob and KDC is
 Example: Alice and BOB using KDC

1. Using her key, Alice sends a message to
   KDC saying that she (A) wants to
   communicate with Bob (B). We denote
   this message as KA-KDC(A, B).
2. a. KDC decrypts KA-KDC(A, B).
   b. KDC generates a random number R1, which
     is to be used as symmetric key by Alice and
     Bob during their communication.
  Example: Alice and BOB using KDC
2 c. KDC sends Alice R1, and a pair of values A and R1
     encrypted using Bob‟s key. We denote this message
     sent to Alice by KDC as:
   KA-KDC(R1, KB-KDC(A, R1)).
3. Alice decrypts message and extracts symmetric key R1.
     Alice extracts and forwards (although she cannot
     KB-KDC(A, R1) to Bob.
4. Bob decrypts and understands that he is to use R1 as
     symmetric key to converse with person A (Alice).
5. Bob and Alice communicate using symmetric key R1
• Developed by MIT
• Very similar to KDC
• Has additional functions such as:
  – Time stamp for validity of “nonce” R1.
  – Has info about which users have access
    privileges to which services on which network
     Public Key Cryptography

• Public keys and Private keys
• RSA Algorithm
• Authentication
    • Authentication Protocol (ap)
       – ap 1.0, 2.0, 3.0, 3.1, 4.0, 5.0
       – Exchanging Public Keys
           » Man (Woman) in the middle-attack
    Introduction - Public Key Cryptography

• Is it possible for two parties to communicate
  using encryption/decryption without using a
  shared secret key?
  – Yes. Using public key cryptography
• A radically different and marvelously elegant
  approach towards encryption/decryption
• Public key cryptography is useful not only for
  encryption/decryption, but also for authentication
  and digital signatures as well.
 Basic Idea of Public Key Cryptography

• Each participant has a private key (known only
  to the participant) and a public key.
• The public key is created with one‟s private key.
• Public key is made available to others and could
  be posted even on a website which is accessible
  by the rest of the world.
• Public key of recipient is used by sender to
  encrypt message.
• Recipient decrypts message using recipient‟s
  private key.
     Public Key Cryptography
• Example:
  – Alice wishes to send a message to Bob.
  – Alice fetches Bob‟s public key.
  – Alice uses Bob‟s public key to encrypt
  – Alice sends encrypted message to Bob.
  – Bob decrypts cipher text with Bob‟s private
 Notation and Choice of Keys
• Assume Alice‟s plain text message, (which has
  to be encrypted and then sent to Bob) is denoted
  as m.
• Assume Bob‟s public key is denoted as KB+ and
  his private key is denoted as KB-.
• These keys are chosen such that:
  KB- (KB+ (m)) = KB+ (KB- (m)) = m
  RSA algorithm (named after its founders, Ron Rivest,
   Adi Shamir, and Leonard Adleman) has become
   almost synonymous with public key cryptography.
          RSA and DES/AES
• RSA is a complex algorithm and uses concepts
  from number theory.
• DES is at least 100 times faster than RSA.
• In practice, RSA is often used in combination
  with DES or AES.
  – Message is encrypted using DES key
  – Alice encrypts DES key with Bob‟s public key
  – Bob decrypts and obtains DES key with his private
  – Message is decrypted using DES key
• ap 1.0
  – Alice announces to Bob, “I am Alice.”
    • Trudy could have sent this message.
• ap 2.0
  – Alice announces to Bob, “I am Alice”, and
    asks Bob to authenticate her by matching
    source IP (in IP header) with Alice‟s IP.
    • Trudy could have sent this message if she had
      done IP spoofing.
• ap 3.0
   – Alice announces to Bob, “I am Alice”, and asks Bob to
     authenticate her by verifying her plaintext password.
       • Trudy may have already eavesdropped earlier, and have stolen
         Alice’s plaintext password during an earlier conversation between
         Alice and Bob. Now, Trudy could send the message, “I am Alice” by
         using Alice’s plaintext password.
• ap 3.1
   – Alice announces to Bob, “I am Alice”, and asks Bob to
     authenticate her by verifying her encrypted password, which is
     kept the same for different communication sessions between
     Bob and Alice.
       • Same disadvantage mentioned in ap 3.0 still exists. Note that Trudy
         need not decrypt the password. She could still eavesdrop, steal
         encrypted password, and then perform a “playback attack” on Bob.
• ap 4.0
   – Alice announces to Bob, “I am Alice.”
   – Bob sends a plaintext nonce (= r) to Alice.
       • Note that nonce is a one time value that is specific to that
         communication session. It is not repeated again in another session.
         So “playback attack” is not possible.
   – Alice resends same nonce back to Bob but this time nonce is
     encrypted with symmetric key used by Alice and Bob.
   – Bob decrypts nonce using symmetric key. If decrypted nonce
     equals the nonce he sent Alice earlier (i.e. decrypted nonce = r) ,
     then Alice is authenticated.
   – However, this implies that Alice and Bob must have decided
     upon and exchanged their symmetric key.
• ap 5.0
  – Alice announces to Bob, “I am Alice.”
  – Bob sends a plaintext nonce (= r) to Alice.
     • Since nonce is a one-time value, “playback attack” is not
  – Alice resends same nonce back to Bob but this time
    nonce is encrypted with Alice‟s private key.
  – Bob decrypts nonce using Alice‟s public key. If
    decrypted nonce equals the nonce he sent Alice
    earlier (i.e. decrypted nonce = r) , then Alice is
     Exchanging Public Keys
• Why should public key be publicly
• Wouldn‟t it be better for Alice and Bob to
  exchange their respective public keys via
  e-mail, after authenticating each other?
  – Due to possibility of “man (woman) in the
    middle attack.”
    Man (Woman) in the Middle Attack
• Alice transmits, “I am Alice.”    • While Bob is encrypting new
• Trudy eavesdrops.                   data using Trudy‟s public key,
• Bob sends a nonce = r.              Trudy is busy posing as Bob to
                                      Alice. In particular,
• Trudy intercepts nonce, and          – Trudy transmits Bob‟s nonce
  sends Bob encrypted nonce              to Alice
  (encrypted using her private         – Alice transmits encrypted
  key).                                  nonce (encrypted using Alice‟s
• Bob sends a message to Alice           private key).
  asking her for a public key.         – Trudy intercepts encrypted
• Trudy intercepts message, and          nonce, and asks Alice for her
  sends Bob Trudy‟s public key.          public key.
                                       – Alice sends her public key
• Bob decrypts nonce with
  Trudy‟s public key (thinking
  that he is using Alice‟s public
  key), and inadvertently
  authenticates Trudy.
  Man (Woman) in the Middle Attack
• Bob sends encrypted data (encrypted using Trudy‟s
  public key)
• Trudy decrypts using her private key, and finds out Bob‟s
  plain text.
• Trudy encrypts Bob‟s plain text using Alice‟s public key.
• Trudy transmits encrypted text to Alice.
• Alice decrypts using her private key, and finds out Bob‟s
  plain text.
• Alice and Bob are happy that they have had a secure
  communication. They are ignorant of the fact that Trudy
  has intercepted and decrypted Bob‟s message to Alice.
        Digital Signatures and
          Message Digests
• Assume Bob wants to digitally sign a
  “document,” m.
• Bob‟s digital signature could be KB- (m)
• Due to complexity of RSA, digital
  signatures are applied to “fingerprints”
  instead of being applied to message m.
• Fingerprint – H(m) – where H denotes a
  “hash algorithm”
• Bob‟s digital signature is KB- (H(m))
              Message Digests
• Message Digest (Hash) algorithms:
  – MD5
  – SHA-1
     • Secure Hash Algorithm is a U.S. federal standard
     • Required for use whenever a secure message digest
       algorithm is required for federal applications
     • Produces a 160-bit message digest.
     • Longer the output length, the more secure SHA-1
     • SHA-224, SHA-256, SHA-384, and SHA-512, which despite
       the similarity of names, are actually fairly different algorithms
       to SHA-1 and have much wider safety margins.
      Public Key Certification
• PK cryptography – possible for two entities
  to exchange secret messages without
  having to exchange secret keys.
• Communicating entities have to exchange
  public keys (without being subject to “man
  in the middle attack”).
• Binding a public key to a particular entity is
  typically done by a Certification Authority
         Certification Authority
• A CA verifies that an entity is who it claims to be.
• After verification, CA creates a certificate that
  binds the public key of the entity to the identity.
• Certificate
   – includes a public key
   – includes globally unique identifying information about
      owner of the public key
   – Is digitally signed by CA
   (Internet Explorer – Tools, Internet Options, Content,
 Availability and Access Control
• Some attacks
• Firewalls
    Examples of some attacks
• Denial of Service attacks
  – “Ping” attacks
  – SYN flood attack

• Distributed Denial of Service attacks
• Terminology
   – IP Spoofing
   – Ping
   – TCP
       • Packet Numbers (also known as Sequence#s)
       • Acknowledgement Numbers
       • Port IDs (Port Scanning, mapping)
   – Telnet
• Denial of Service (DoS) Attack
   – Smurf Attack
   – SYN Flood Attack
   – Half-open telnet sessions
• Distributed DoS Attack
• Firewalls
   – Packet level firewall
   – Application level firewall
• Network Address Translation
   – NAT Server
               Ping Packets
• Ping packets
  – Packets that ask a computer to respond with
    an acknowledgement
  – Used to see if a computer is still operational in
    a network
     • e.g., Ping by computer name
           » Ping
           Ping by IP address
           » Ping
    Denial of Service (DoS) Attack
•   Hacker attempts to disrupt the network by flooding the network with
    messages so that the network cannot process messages from legitimate
•   Examples:
     1. Hacker‟s program continuously pings target computer.
     – Consequence:
     – Solution:
     2. Hacker‟s program continuously send “ping” requests to the target that list the
        target as the sender
     – Consequence:
     – Solution:
     3. Smurf attack:
        What is a smurf attack?
        What is the consequence of a smurf attack?
     4. SYN Flood attack:
        What is a SYN flood attack?
        What is the consequence of such an attack?
  TCP SYN for a simple Telnet application

• TCP stands for: Transmission Control

• SYN stands for: Synchronize Sequence
            SYN Flood Attack

•   Attacker (client) sends a TCP SYN (Synchronize
    Sequence/Packet Number) request to server.
•   The server responds by sending a TCP SYN/ACK
•   The attacker does not respond – resulting in half-
    open session using up server resources.
•   The attacker sends a flood of such TCP SYN
    requests without responding.
•   Requests from other legitimate clients are unable to
    reach the server due to multiple half-open sessions
 Distributed DoS (DDos) attack
• In A DDoS attack, a hacker first gains control of
  hundreds/thousands of computers (slaves).
• Plants software referred to as DDoS agent on
  each of the slaves
• Hacker then uses software referred to as DDoS
  handler (master) to control the agents (slaves)
• Attacker launches attacks from all the slaves
  and it is difficult to trace hacker
   High Profile Victims of DDoS
• Yahoo, eBay, Amazon, Microsoft and eTrade
  websites have been rendered inaccessible to
  legitimate visitors after being flooded with traffic
  from hundreds of hijacked system
•;; sites were flooded with DDoS
  attack for almost one day
• DDoS attack high-level DNS servers on the

Shared By: