Communication Networks Lecture 15-Network Security

Document Sample
Communication Networks Lecture 15-Network Security Powered By Docstoc
					                                                                    Network Security
   Communication Networks                                             Overview

   Lecture 15- Network Security                                       • Introduction
                                                                      • Traditional Cryptography
                                                                         – substitution ciphers
                                                                         – transposition ciphers
                                                 HuCheng
                                              hc@seu.edu.cn           • Cryptographic principles
                                                 Lingming             • Secret-key algorithms
                                             trio@seu.edu.cn             – DES: data encryption standard
                                                                      • Public-key algorithm
                                                                         – RSA: Rivest, Shamir and Adleman
                                                                      • Authentication protocols
Spring, 2002                      ftp://www.cnasic.com:2121           • Digital signatures




Network Security : Introduction                                     The Weakness of Open network
       Four security areas:                                           Stealing Information and eavesdropping
       Secrecy
          – keeping information from unauthorized users
                                                                      Impersonate users,clients,servers
       Authentication                                                 Modify information before arrives
          – determine origin of message ( who am I talking to ? )
                                                                      Redirect information to others
       Non repudiation
          – dealing with signature : how do I prove you wrote the     Denial-Of-Service attacks
          letter, and made the deal ?
       Integrity control
          – Is your message not modified ?




 The Solutions of these Problems                                    Network Security : Introduction
                                                                      Where to put security ?
    Eavesdropping                        Encryption                      Secrecy can be put in transport layer, but not in
                                                                         lower layers (because decoding required at each
                                                                         router)
    Impersonation                     Authentication                     authentication and signature checks has to be put
                                                                         in application layer
                                                                      Four attack categories:
                                                                         Interruption (DOS)
      Modification                  Digital Signature
                                                                         Interception (Eavesdropping )
                                                                         Modification
                                                                         Fabrication ( Impersonate )
          DOS                                IP Filter
Traditional Cryptography                                        Terminology
                                                                 plaintext: the message to be encrypted
                                                                 key : the encryption function is often
                                                                 parameterized by a key
                                                                 ciphertext : output of the encryption process
                                                                 cryptanalysis : art of breaking ciphers
                                                                 cryptology ; art of designing encryption
                                                                 methods (cryptography) and breaking them
                                                                 (cryptanalysis




Traditional Cryptography                                        Traditional Cryptography
 Plain text : P                                                  Substitution ciphers
 Key : K                                                            • shift alphabet by k letters ( Caesar cipher )
 Encryption method : E
                                                                    • permuted alphabet
 Decryption method : D
                                                                       – mono alphabetic substitution
 Cipher text : Ek (P) = C
                                                                       – 26 ! ~ 4 x 1026 possible keys
 It follows : Dk (Ek (P)) = P
                                                                 Decipher
 Crypt analyst is assumed to know encryption method ( but not       • use known frequencies of letters ; eg. e is most common
 the key )                                                          letter
 Three decipher options:                                            • use frequent patterns of 2 or 3 letters (digrams and
    • cipher text only Ci for some i                                trigrams)
    • known plaintext ( Pi, Ci ) for some i                         • use likely word
    • chosen plaintext (Pi, Ci ) for any i
                                                                 Note : substitution preserves order of symbols




Traditional Cryptography                                        Transposition cipher
 Transposition cipher
    reorders symbols, but do not change them
    example : the columnar
 transportation, fig 7-3
    write rows
    read out columns
Traditional Cryptography                                           Cryptographic principles
 One time Pads : easy unbreakable cipher                            Two fundamental principles of any cryptographic
 Consider plaintext P                                               system:
 Choose random bitstring as key K, |K| = |P|
 C = P (XOR) K                                                      C needs redundancy i.e c ¡Ê C for which Dk (C) is not
 can not be broken :                                                valid
 it does not contain any information at all !                         – otherwise it would be easy to generate valid messages
    – each letter occurs with some frequency                          – however, redundancy makes deciphering easier
 Problems:                                                               for any key K, DK (C) has to make sense otherwise K cannot be
 key is difficult to memorise                                            valid
 |K|>> |P|                                                               add random string as redundancy
    – gigabit networks needs one CD per 5 seconds !!!               Re-playing messages must be avoided
    sensitivity to lost/inserted bits => loss of synchronization
                                                                      – use time stamp with time out




Secret-key Algorithms                                              Secret-key Algorithms
 Based on transition and substitution
 However:
 • Traditionally: easy algorithm and very long keys
 • Today: complex algorithm and shorter keys
 Basic transposition and substitution circuits: fig. 7-4
    • P box : implements a permutation (i.e. transition)
    • S box : implements substitution of symbols
 • S and P boxes can be arbitrarily combined to form
 very complex functions




Secret-key Algorithms                                              DES
 DES : data encryption standard
 • IBM developed
 • 1977: accepted as U.S. government
 standard
 • Encryption and decryption use same key
 – Steps run in same order with keys reversed
 DES algorithm is shown in fig. 7-5
    – 16 iterations + initial and final transposition and
    final swap
    – each iteration uses different key Ki (i=1..16)
          Triple DES                                                               Public-Key algorithms
           C = Ek1 Dk2 Ek1 (P)                                                        DES has key distribution problem
                                                                                      Alternative: work with two keys, one of which
           P = Dk1 Ek2 Dk1 (C)                                                        is public
           • Uses just two keys                                                       usually the public key is used for encryption,
              compatible with Single DES: use K1 = K2                                 the private for decryption
           • No breaking method known to date                                         Requirements:
                                                                                         • Deriving decryption key from encryption key and
           • Combine it with chaining                                                    (known) cryptographic algorithm is impossible
                                                                                         • Decryption key can not be broken using plaintext
                                                                                         approach




          Public-Key algorithms                             Alice’s Pub Key        Authentication protocols
                                                                                      What is Authentication
                                                                                      Trust is the base of authentication
                                       Bob’s infor to
                                                                                      Authenticate protocol :Kerboros
Alice’s      Alice                          Alice        Bob       Bob’s
Private                                                            Private
Key                                                                Key

OK




                                                                                            How Kerboros Works?

          Authentication protocols                                            Based on Shared Secret

           Authentication = Verify that sender of message is really the one
           he says he is
           General protocol model between A and B
           • Use KDC: key distribution centre
           – KDC is always honest
           – KDC has shared keys with al its clients
           – KDC distributes session keys ( Ks ) used for direct                       Alice           Alice’s infor to            Bob
           communication between A and B
           • Alternatively A and B may possess already a shared key                                          Bob
           – using this shared key they may establish a session key
           • After exchanging several messages A and B                                                                                         OK
           should be convinced of each others identity
                                                                                                                          Bob can decrypt the information ,
                                                                                                                          so the infor comes from Alice
                                    How Kerboros Works?                                                                          How Kerboros Works?
                  Authenticator                                                                            How Can the two
                                                                                                          sides get the key?
                                                               Alice,                                                                                                    Server’s long term key
                                         I’m Alice
                                                             Timestamp
                                                                                               Client’s long term key
                                                                                                                                                     KDC
                                                                                                                          Client wants Server       Invents
                            Alice                                                Bob                                                                Session
                                                              Timestamp                                                                               Key
                                                                                                         IBM Compatible




                                                                            Alice,Timestamp
                                                                                                                                                                                 IBM Compatible




 Timestamp is the same                                                                                                                                SC
 as sent out, so it must comes
 from Bob




                                    How Kerboros Works?                                                                          How Kerboros Works?
            How Can the two
                                                                                                    Mutual Authentication
           sides get the key?
                                                                                                             (Client/Server)
                            (Practice)
                                                                                                                                           Server’s Long Term Key
Client’s long term key
                                                                                     KDC
                                                                                                                              Client,Time               Session Ticket
                                               Client wants Server                  Invents
                                                                                    Session
          IBM Compatible
                                                                                      Key                IBM Compatible
                                                                                                                                                                                 IBM Compatible




                                                                                      SC
                                                        Session Ticket
                                                                                                                                                  Time
                                            Server’s Long Term Key




                                    How Kerboros Works?                                                                          How Kerboros Works?
                           KDC’s two                                                                      Sub Protocols In
                            main jobs                                                                        Kerboros



                                    KDC
                                                                                                                           • Authentication Service (AS) Exchange
                                    Authentication                    To issue TGT                                         • Ticket-Granting Service (TGS) Exchange
                                       Service
                                                                                                                           • Client/Server (CS) Exchange
                                    Ticket Granting
                                        Service                      To issue Session Ticket
            How Kerboros Works?                            How Kerboros Works?
AS Exchange                                   TGS Exchange




            How Kerboros Works?
CS Exchange                                    Digital Signatures
                                                 Purpose signature:
                                                 receiver can verify identity of sender
                                                 sender can not deny message later on
                                                 receiver can not change the message
                                                 Two methods:
                                                 Secret-key signatures
                                                 – uses trusted system (fig 7-22)
                                                 Public-key signatures
                                                 – using eg. RSA (fig 7-23)




Message Digest                                 Digital Signatures
                                                                                       Digest

                                                                                 MD5
                                                                                 MD5        Alice’s Pub
                                                              MD5
                                                              MD5      Message              Key
                                                  Message

                   Hash
                   Hash
  Message        Function
                  Function
                             Message Digest
                                                                       Digest
                  MD5                             Digest