View
224
Download
2
Tags:
Embed Size (px)
Citation preview
1
Network SecurityTools and Techniques
Mohamed M. HefeedaMohamed M. Hefeeda
Supervised By: Prof. Reda Ammar
September 2000
2
???? Motivations ????
• How does my bank secure my online transactions?
• How does ___.com protect my credit card if I order online?
• How can an enterprise build a secure private network to link its distributed sites?
• How can we send e-mails that contain secret or sensitive data over the insecure Internet?
• How …..?
• They usually say: Don’t Worry, we use Cryptography, 128-bit encryption, SSL, SET, …!!
• Well, but how???????????
3
Outline
• Part I: Applied Cryptography– The Tools
• Part II: Network Security Techniques– How to use the Tools to build secure systems
• Part III: Mobil Code Security – New evolving technology which has many potential
applications but security is a major issue/problem
4
Outline (contd.)
• Part I: Applied Cryptography (The Tools)– Conventional Cryptography (Private- or Symmetric-key)
• Concepts/Principles
• DES, 3-DES, IDEA, CAST, Blowfish, RC2, RC5, ….
– Public-key Cryptography• Concepts/Principles
• RSA, ElGamal, Diffie-Hellman, …
– Message Digest (One-way Hash algorithms)• MD5 and SHA
– Digital Signature• DSS (based on ElGamal and Schnor scheme) and RSA
– Message Authentication Code (MAC)• HMAC
– Cryptographic Pseudorandom Number Generators• Blum-Blum-Shub, ANSI X9.17, ...
5
Outline (contd.)
• Part II: Network Security (The Techniques)– Authentication Protocols:
• Kerberos and X.509 Authentication services
– Web Security:• SSL and SET
– E-mail Security:• PGP and S/MIME
– IP Security
– Biometrics
– Smartcards
– Languages which support Security• Java Security Model
– Case Study (Windows 2000 Security Features)• Kerberos, Public-Key Infrastructure, Encrypted File System, ...
6
Outline (contd.)
• Part III: Mobile Code Security– Mobile Agents
• Concepts, applications, and Security Issues
– Protecting the host from the visiting agents• Sandboxing
• Digital-Shrink Wrap
• Proof-Carrying Code
– Protecting the agent during the transfer• Passive attacks
• Active attacks
– Protecting the agent from the Host• Limited Backbox
• Computing with encrypted functions
• Cryptographic traces
7
Conventional Cryptography: Concepts
• One Key:– used for both encryption and decryption (symmetric)
– Alice and Bob meet in private and agree on a key
• Principles:– Confusion
• The ciphertext should depend on the plaintext and the key in a complicated and involved manner. (done through substitution)
• Objective: hide how the statistics of the ciphertext depend on the statistics of the plaintext
– Diffusion• Each plaintext bit should affect every (or as many as possible) of the
ciphertext bits. (done through permutation or transposition)
8
Conventional Cryptography: DES
• Data Encryption Standard (DES)– Late 60’s: IBM developed LUCIFER encryption algorithm
– In 1973: NIST accepts IBM’s proposal as a national cipher standard
– In 1977: After refinement, DES became the standard
• Description:– Plaintext X; |X| = 64 bits, X = L0R0
– Key K; |K|= 56 bits
– Three stages:• IP: Initial Permutation, X0 = IP(L0R0)
• 16 iterations of a certain function, F
• IP-1: Y = IP-1(L16R16)
9
DES: Encryption
Initial Permutation
Round 1
Round 2
Round 16
32-bit swap
Inverse Initial Permutation
GenerateSub-keys
K1
K2
K16
56-bit key64-bit plaintext
64-bit ciphertext
• Decryption: same procedure but reverse the order of the sub-keys
13
DES: Security Strength
• The security of DES is based on the design of the S-boxes, which is NOT publicly published!
• Some suspicious that S-boxes were designed with some trapdoors that might allow their designers (NIST) to break the system
• Exhaustive search needs 256 no longer secure
• Hence, other algorithms are proposed:– 3-DES: with two (112 bits)and three keys (168 bits).
• Encryption: Ek1-> Dk2
->Ek3 • Decryption: Dk3->Ek2->Dk1
– Blowfish: fast, secure, variable length key (32 to 448)
– IDEA: key is 128-bit
– CAST: key is 128-bit, used in PGP
14
Public-key Cryptography: Concepts
Encryption Algorithm
Decryption Algorithm
Public Keys(Trusted Party)
Certificate Authority, e.g. VeriSign, CertCo, ...
Alice
M
Bob
C= EKUB(M) M=DKRB
(C)
Plaintext Ciphertext
RegistrationRead/Verify Bob’s public key
• Two keys: (Asymmetric)
— public: used for encryption
— private: used for decryption
Private Key
15
Public-key Cryptography: RSA
• Based on the “Factoring is Hard” assumption
• Key generation:– select p, q large primes, let n= p*q
– select e where: gcd ((n), e) = 1. ( (n) = (p-1)(q-1) )
– compute the private key, d = e-1 mod (n)
– public key: {e, n}
• Encryption– C = Me (mod n)
• Decryption:– M = Cd (mod n)
16
Network Security:Authentication Techniques
• Authentication: prove your identity usually by:– knowing a shared secret (conventional cryptography) or
– signing a message using your private key (public-key cryptography)
• Kerberos Authentication Protocol (MIT)– Two versions: ver 4 (still widely used) and ver 5 (future)
– Uses DES
– Four entities:• Client (C): requesting for a service
• Server (V): providing the service
• Authentication Server (AS): knows all passwords. Shares a unique secret key with each server.
• Ticket-Granting Server (TGS): issues tickets to users who have been authenticated by AS to access a certain service on a certain server V.
18
Kerberos: messages exchange
Table 1. Summary of Kerberos Ver 4 Messages Exchange
(a) Authentication service Exchange: to obtain ticket granting ticket
(1) C AS: IDc || IDtgs || TS1
(2) AS C: Ekc[Kc,tgs || IDtgs || TS2 || Lifetime2 || Tickettgs]
Tickettgs = Ektgs[Kc,tgs || IDc || ADc ||IDtgs || TS2 || Lifetime2]
(b) Ticket-Granting Service Exchange: to obtain service-granting ticket
(3) C TGS: IDv || Tickettgs || Authenticatorc
(4) TGS C: Ekc,tgs[Kc,v || IDv || TS4 || Ticketv]
Tickettgs = Ektgs[Kc,tgs || IDc || ADc ||IDtgs || TS2 || Lifetime2]
Ticketv = Ekv[Kc,tgs || IDc || ADc ||IDv || TS4 || Lifetime4]
Authenticatorc = Ekc,tgs[IDc || ADc || TS3]
(c) Client/Server Authentication Exchange: to obtain service
(5) C V: Ticketv || Authenticatorc
(6) V C: Ekc,v[TS5+1]
Ticketv = Ekv[Kc,v || IDc || ADc ||IDv || TS4 || Lifetime4]
Authenticatorc = Ekc,v[IDc || ADc || TS5]
19
Network Security: Web Security
• Security threats:– Passive attack (eavesdropping)
– Active attacks (modify data)
• Security approaches:– Secure Socket Layer. (just above the Transport Layer)
– Secure Electronic Transaction (in the Application Layer)
– Using the IP Security (Network Layer)
20
Network Security: SSL
• Secure Socket Layer (SSL)– Originated by Netscape
– Supports security over the Internet and Intranets
– Provides:• Authentication
– using certificates (public key)
• Confidentiality (encryption)– DES40, DES, 3DES, IDEA, RC2, RC4, and Fortezza
• Integrity (MAC uses one of the following)– MD5 (128-bit hash)
– SHA (160-bit hash)
22
SSL: Handshake Protocol
SSL Handshake Protocol Summary
• Used for Authentication and Key exchange
23
SSL: Record Protocol
SSL Record Protocol Operations
• Provides confidentiality and message integrity
24
Network Security: Biometrics
• Authentication/identification approaches based on:– Something you know, e.g. password, PIN number, ...
– Something you have, e.g. ATM card, physical key, …
– Something you are, e,g. biometrics: fingerprint, …
• Biometrics: authenticate individuals based on their biological and/or behavioral characteristics– fingerprint matching
– Iris scanning
– Hand geometry matching
– Retina scanning
– Face recognition
– voice recognition
– DNA, …..
25
Biometrics: system architecture
BiometricReader
FeatureExtractor
BiometricReader
FeatureExtractor
FeatureMatcher
User
Database
Enrollment Phase
Identification Phase
User
Store
Restore
A typical biometric system
26
Case Study: Windows 2000
• Security Features:– Kerberos ver 5 authentication protocol
• Faster, more efficient, and more secure than NTLM
– Encrypted File System (EFS)• transparent to the user• public- and private- key encryption• encrypts the file using DES• encrypts the key of the DES using the user’s private key
– Public-key based protocols• SSL/TLS• Certificate Server
– IP Security (IPSec)• to build a Virtual Private LAN