07security

Security
• In most systems security is an important
concern
– Communications should be secure against
eavesdropping and tampering
– Servers/clients should be able to verify the
identity of their clients/servers
– The originator of a message should be
verifiable after the message has been delivered

04/29/12 ICSS420 - Security 1

Policy vs. Mechanism
• Security policies
– Who can access what resource
– Defines the appropriate levels of security
• Security Mechanisms
– Techniques used to implement the security
policies


Principal
• The agents accessing the information or resources
– Human beings
– Servers
– Applications
• Principals with the same access rights are often
collected together in groups
• Each principal has a unique user identifier
associated with it


Threats
• Security threats common to computer
systems fall into four broad classes
– Leakage
• Acquisition of information by unauthorized parties
– Tampering
• The unauthorized alteration of information
– Resource Stealing
– Vandalism

Methods of Attack
• Some common methods of attack include
– Eavesdropping
• Information in transit
• Information in storage
– Masquerading
• Sending/receiving messages using the identity of another user
– Message Tampering
– Replaying
• Storing messages and sending them at a later date
– Denial of Service


Infiltration
• Attacker must have access to the system in
order to attack
– Password cracking
– Virus
• Attaches itself to an existing program
– Worm
• Standalone program
• Not always nasty!!
– Trojan Horse

Morris Worm
rsh attack

finger attack
Grappling hook
sendmail attack

Request for worm

Worm sent
Worm Worm

Target System Target System


Security in a Network
• In a networked system
– The principal threats to security come from the
openness of communication channels
– Potential violators are not easily identifiable, so
we must not assume trust. Assume
untrustworthy until proven otherwise
– The mechanisms used to implement security
must be validated to a high standard


Techniques
• Security mechanisms are based on three
techniques
– Cryptography
• Used to conceal information
• Used in support of authentication
• Used to implement digital signatures
– Authentication
• Validate the identity of the sender
– Access Control
• Allow resources to access only by authorized individuals

Cryptography
• Information can be encoded using a key
when it is written (or transferred)
– encryption
• It is then decoded using a key when it is
read (or received)
– decryption
• Very widely used for secure network
transmission

More on Cryptography

encryption
plaintext ciphertext
decryption



Ke Kd

C = EKe(plaintext)
plaintext Encrypt Decrypt plaintext


Ke Kd

C = EKe(plaintext)

Side information Invader plaintext

Cryptanalysis


Cryptographic Systems
Cryptographic Systems

Conventional Systems Modern Systems

•Ke and Kd are
essentially the Private Key Public Key
same
•Ke and Kd are •Ke is public
private •Kd is private


Private Key Systems
• In private key systems, such as the US Federal
Data Encryption Standard (DES), a single key is
used for both encryption and decryption
• This means that both parties must know the key(s)
before communication can take place
– write it down ahead of time
– have some sort of physical key
– exchange key(s) via secure channels


Block Ciphers
• Many commonly used ciphers are block
ciphers.
– This means that they take a fixed-size block of
data (usually 64 bits)
– Transform it to another 64 bit block using a
function selected by the key.


Block Cipher Modes
• If the same block is encrypted twice with the same
key, the resulting ciphertext blocks are the same
– It is desirable to make identical plaintext blocks encrypt
to different ciphertext blocks.
• Two methods are commonly used for this:
– CFB mode: a ciphertext block is obtained by
encrypting the previous ciphertext block, and xoring
the resulting value with the plaintext.
– CBC mode: a ciphertext block is obtained by first
xoring the plaintext block with the previous ciphertext
block, and encrypting the resulting value.

Secret Key Systems
• DES
– Developed in the 1970s adopted as a standard by the
US government
– DES is a block cipher with 64-bit block size. It uses 56-
bit keys.
– This makes it fairly easy to break with modern
computers or
– A variant of DES, Triple-DES or 3DES is based on
using DES three times (normally in an encrypt-decrypt-
encrypt sequence with three different, unrelated keys).

Secret Key Systems
• Blowfish
– An algorithm developed by Bruce Schneier.
– It is a block cipher with 64-bit block size and variable
length keys (up to 448 bits).
– No attacks are known against it.
• IDEA (International Data Encryption Algorithm)
– Developed at ETH Zurich in Switzerland.
– Uses a 128 bit key, and is considered to be very secure.
– No practical attacks on it have been published despite
numerous attempts to analyze it.

Secret Key Systems
• RC4
– The algorithm is very fast.
– Its security is unknown, but breaking it does not seem
trivial either.
• SAFER
– Developed by J. L. Massey (a developer of IDEA).
– It is claimed to provide secure/fast encryption
• Enigma
– The cipher used by the Germans in World War II.
– This cipher is used by the unix crypt(1) program

Public Key Systems
• In public key cryptosystems, everyone has two
related complementary keys, a publicly revealed
key and a secret key
• Each key unlocks the code that the other key
makes. Knowing the public key does not help you
deduce the corresponding secret key
• The public key can be published and widely
disseminated across a communications network
• This protocol provides security without the need
to reveal the private key

Public Key Systems
Public Key
Database

Kpublic Kprivate

C = EKpublic(plaintext)


RSA
• Rivest, Shamir and Adelman (RSA)
– To find a key pair e and d:
• Chose two large prime numbers, P and Q (each
greater than 10100), and form
– N=PxQ
– Z = (P-1) x (Q-1)
• For d chose any number relatively prime to Z
• To find e solve the equation
– e x d = 1 mod Z


Comparison
• Secret and public key systems
– With suitable keys both are secure enough
– Public-key systems are more convenient to
implement because they do not require a secure
channel to exchange keys
– Secret-key systems are faster


Establishing a Shared Key
• In order for a symmetrical system to work,
both parties need to know a shared key
• Is it possible for two parties to safely use
the network to agree on a shared key?
– To put this another way, can two machines
agree on a common number such that anyone
who listens to that conversation can determine
the number?

Diffie-Hellman Key Exchange
n and g, both are prime, public and special. A picks x
in private, B picks y in private

n, g, gx mod n

A gy mod n B

Compute (gy mod n)x mod n = Compute (gx mod n)y mod n =
gxy mod n gxy mod n


It Works!!
• n=47, g=3
• I’ll pick a small x, you pick a small y
• I send to you
– (47, 3, 9)
• You send to me
– 3y mod 47 (call it z)
• I compute zx mod 47
• You compute 9y mod 47

To Break it
• You know
– n = 47, g = 3
• You also know
– gx mod n = 9
– gy mod n = z
• You need to solve the equation
– zx mod 47 = 9y mod 47


Bucket Brigade
Also known as the person in
the middle attack
n, g, gx mod n

gq mod n
A X B
n, g, gq mod n

gy mod n

Session key S Session key R


Key Distribution Center
• With the previous example, you would need n
different keys to talk to n different people
– Perhaps the same key could be used for an entire
session
• An alternative approach is to use a key distribution
center (KDC)
– The KDC stores a single key for each user
– Authentication and session key management goes
through the KDC


KDC

A, KA(B,KS) KB(A,KS)
KDC
A, KA(C,KS) KC(A,KS) B
A
KS(message1)

C
KS(message2)


Analysis
• Authentication comes for free
– The KDC knows the message came from A
– B knows the first message came from the KDC
– B knows the third message came from A


Replay Attack

A, KA(B,KS)
KDC
KB(A,KS)

A KS(message) B

KB(A,KS)
C
KS(message)


Solutions
• Timestamp messages
– Obsolete messages are discarded
– Clocks cannot be perfectly synchronized
– So timestamps are valid for an interval
• Unique message numbers (nonce)
– Each party remembers all previous nonces
– Messages with used nonces are rejected
– Nonces have to be remembered forever


Needham-Schroeder
RA, A, B
KDC
KA(RA, B, KS, KB(A,KS))
Not a replay Who the Ticket
ticket is for

A Challenge B KB(A,KS), KS(RA2) B
Must be B, Challenge A KS(RA2-1), RB

KS(RB-1) Must be A

KS(message)


Attack
Obtains an old
session key
Replays old message (RA2 could
be different)

X Challenge B KB(A,KS), KS(RA2) B
Must be B, Challenge A KS(RA2-1), RB

KS(RB-1) Must be A

KS(message)


Otway-Rees
A, B, R, KA(A,B,R,RA)

A, KA(A,B,R,RA),
B, KB(A,B,R,RB)
A B
KDC KB(RB,KS)

KA(RA,KS)


Kerberos
Authentication
Server

Client

Trusted server, repository of
keys, protected by a nasty three-
headed dog (Kerberos of Greek
mytholodgy) Server


Kerberos
Authentication Encrypted for client
Server Encrypted for server

Ticket
Client ID Client
Session Key

Session Key After message arrives,
user is prompted for
password which is used Server
to decrypt the message


Kerberos

Session Key Client

Ticket
Client ID
Session Key Server


Kerberos

Session Key
Client

Ticket
Client ID Server
Session Key


Kerberos

Session Key
Client

Server
Client ID
Session Key


Kerberos
Encrypted for session

Client

Message

Server


Authentication
• User/process authentication
– Is this user/process who it claims to be?
• Passwords
• More sophisticated mechanisms
• Authentication in networks
– Is this computer who it claims to be?
• File downloading
• Obtaining network services


Public-Key Authentication

PublicB(A,RA)

A Must be B PublicA(RA,RB, KS) B

KS(RB) Must be A


Challenge Response
A
RB

KAB(RB)
A B
RA

KAB(RA)

KAB(Message)


Challenge Response
A, RA

A RB, KAB(RA) B

KAB(RB)


Reflection Attack
A, RX

RB, KAB(RX)
Needs KAB(RB)

X A, RB B

RB2, KAB(RB)

KAB(RB)


The Lesson
• Designing a correct authentication protocol
is harder than it looks
• General rules
– Have the initiator prove who they are before the
responder has to
– Have the initiator and responder use different
keys for proof
– Have the initiator and challenger draw their
challenges from different sets

Digital Signatures
• Public key systems can also be used to provide
message authentication:
– The sender’s secret key can be used to encrypt a
message, thereby signing it
– This creates a digital signature of a message, which the
recipient (or anyone else) can check by using the
sender's public key to decrypt it.
– This proves that the sender was the true originator of
the message, and that the message has not been
subsequently altered by anyone else

Secure Shell
• Secure Shell (ssh/ssh2) is a tool for improving
Internet security by providing
– Strong authentication
– All communications are automatically and
transparently encrypted
– X11 connection forwarding provides secure X11
sessions
– Arbitrary TCP/IP ports can be redirected over the
encrypted channel in both directions.
– The client RSA-authenticates the server machine in the
beginning of every connection

How It Works
• SSH uses both authentication and
encryption
– Authentication is done using RSA
public/private keys
– Encryption can be done using a variety of
algorithms
• IDEA (default)
• DES
• 3DES
• Blowfish


SSH in Action

Random string encrypted with
public key for mordor Public/private keys
stored on mordor

Mordor returns unencrypted string
If the string matches what was sent,
mordor has been authenticated
Public key for
mordor available
on laptop

Both hosts authenticate themselves!!


User Authentication
• User name and password sent to remote
host encrypted with host’s public key
• Host sends random session key encrypted
with user’s public key
• Session key is decrypted
• User is authenticated
• Rest of conversation is encrypted using
IDEA

07security

Recomendados

Recomendados

Mais conteúdo relacionado

Mais procurados

Mais procurados (17)

Destaque

Destaque (20)

Semelhante a 07security

Semelhante a 07security (20)

Último

Último (20)

07security