Upload
rachel-mckenzie
View
216
Download
0
Tags:
Embed Size (px)
Citation preview
T825 ... Duncan Maidens 1
BasicSecurity
Cryptography, Concepts
and IPsec
T825 ... Duncan Maidens 2
Security• What do we require from a data security system?
• Confidentiality– Only the intended recipient can read the data
• Integrity– No one can change data in transit
• Authentication– I am who I say I am
• Non Repudiation– Proof of message sent or received
T825 ... Duncan Maidens 3
Encryption
• Solution Encryption
–Take the message (plain text)
–Apply some algorithm to each of the letters (the cipher)
–Generate the encrypted message (cipher text)
T825 ... Duncan Maidens 4
Simple Encryption
T825 ... Duncan Maidens 5
Method and Key
• Encryption has two major components
–Method
•This is publicly known
–Key
•This is a secret known only to the two parties who are communicating
T825 ... Duncan Maidens 6
Simple Encryption• Substitution
– Caesar Cipher – Replace each letter in the plain text by another letter from ‘n’
places up in the alphabet
• Encryption method– Substitution
• Encryption key– N=3
A B C D E Z
D E F G H C
I C A M E I S A W I C O N Q U E R E DL F D P H L V D Z L F R Q T X H U H G
Veni, vidi, vici
T825 ... Duncan Maidens 7
Caesar’s 26 keys
0 A B C D E F G H I J K L M N O P
1 B C D E F G H I J K L M N O P Q
2 C D E F G H I J K L M N O P Q R
3 D E F G H I J K L M N O P Q R S
4 E F G H I J K L M N O P Q R S T
5 F G H I J K L M N O P Q R S T U
6 G H I J K L M N O P Q R S T U V
7 H I J K L M N O P Q R S T U V W
T825 ... Duncan Maidens 8
Simple Encryption Problems
• Simple encryption systems can be broken by statistical analysis
– The letter ‘e’ occurs 13% in English texts– Distribution statistics exist for all the letters in an
alphabet/language – With the power of computing, easy to try several
alternatives– With Ceasar’s there were only 26 possible keys.
T825 ... Duncan Maidens 9
Making it harder to crack
• Polyalphabetic substitution ciphers
–Rotate the key in use
–Means each time a specific letter occurs it may be substituted by a different letter
–Hence it is more complex to analysis
T825 ... Duncan Maidens 10
Polyalphabetic substitution
0 A B C D E F G H I J K L M N O P
1 B C D E F G H I J K L M N O P Q
2 C D E F G H I J K L M N O P Q R
3 D E F G H I J K L M N O P Q R S
4 E F G H I J K L M N O P Q R S T
5 F G H I J K L M N O P Q R S T U
6 G H I J K L M N O P Q R S T U V
7 H I J K L M N O P Q R S T U V W
Keyword BED Use 1, 4, 3, 1, 4, 3……
T825 ... Duncan Maidens 11
Polyalphabetic substitution
1 4 3 1 4 3 1 4 3 1 4 3 1 4 3 1 4 3 1I C A M E I S A W I C O N Q U E R E DJ G D N I L T E Z J G R O U X F V H E
• Keyword is BED
• Encryption method– Substitution
• Encryption key– 1, 4 , 3 and then repeat
0 A B C D E F G H I J K L M N O P
1 B C D E F G H I J K L M N O P Q
2 C D E F G H I J K L M N O P Q R
3 D E F G H I J K L M N O P Q R S
4 E F G H I J K L M N O P Q R S T
5 F G H I J K L M N O P Q R S T U
6 G H I J K L M N O P Q R S T U V
7 H I J K L M N O P Q R S T U V W
T825 ... Duncan Maidens 12
Polyalphabetic substitution
• How to crack this?• Statistical analysis
– Guess the codeword length ..say 4– Analyse every 4th letter for a distribution– If no pattern emerges try every 3rd…. Etc– With the power of computing, easy to try several
alternatives– Again with modern computing we can analyse the
cipher text and crack the code
T825 ... Duncan Maidens 13
Other Encryption Systems
Transposition ciphers– Re-order the letters in the message– Use a key to specify the re-ordering sequence
T825 ... Duncan Maidens 14
Transposition ciphers
1 2 3 4 5
I C A M E
I S A W I
C O N Q U
E R E D Z
Message :-I CAME I SAW I CONQUERED
Write the message into the box ignoring the spaces.Insert random characters at the end of message to fill grid
Chose the KEY 3, 2, 4, 1, 5Read out the letters in column order
AANE CSOR MWQD IICE EIUZ
T825 ... Duncan Maidens 15
Breaking Transposition ciphers
A A N E C S O R M W Q D I I C E E I U Z
2 1 3 RED
2 1 3
Look for common letter groups “THE” “ING” “RED” “CH” at regular spacing e.g. 4
When finding a pattern, look with same spacing for other groups
SAW
T825 ... Duncan Maidens 16
Confusion and Diffusion
• Cracking substitution relies on spotting letter frequency and knowing the letters are in the correct position
• Cracking transposition relies on knowing we have the correct letters and moving the letters into the correct place
• When used together to produce a cipher that is ‘virtually impossible’ to crypt analysis
• We break these by brute force– Try all possible keys– Bigger keys (more bits) takes longer to break.
T825 ... Duncan Maidens 17
Cipher Machines
• Down the ages cipher machines were developed such as the famous German Enigma machine
T825 ... Duncan Maidens 18
Security• Data Encryption Standard (DES)
– Uses substitution and transposition– Initial proposal used 128 bit key– US NSA requested key to be reduced to 56 bits– With enough computing power this can now be broken in less
than 3 hours by brute force attack
• Replaced with Triple DES– Uses cascaded DES encryption
• 3 * 56 bit key = 168 bit key– 2 key version 1013 times stronger then DES
T825 ... Duncan Maidens 19
Symmetric encryption
• In a shared key encryption, a single key is used for both encryption and decryption of the data
• Only the trusted parties must know the shared secret key• DES, 3DES, IDEA, and Blowfish are examples of shared key
encryption
T825 ... Duncan Maidens 20
Does this encryption system solve all our requirements?• Confidentiality
– Yes
• Integrity– No
• Message may be incorrect • We can use a hash algorithm
• Authentication– Yes
• Assuming no one has stolen the key
T825 ... Duncan Maidens 21
Problems with symmetric encryption• Two big problems exist:
–Scalability
•For each secure channel we need a unique pair.
–Key distribution
•How do we distribute the key to the two ends of the link?
•What if I want 1 million secure links?
T825 ... Duncan Maidens 22
New Solutions
• Public-Private Keys• Diffie-Hellman Key Exchange
• Developed by Mathematicians who focussed on prime numbers, modular arithmetic and one way functions
T825 ... Duncan Maidens 23
Public Key Encryption
• Ron Rivest, Adi Shamir and Lenard Adleman produced a popular encryption method called RSA, using modular mathematics they generated two inter-related keys: – Public key– Private key
T825 ... Duncan Maidens 24
Public Key Encryption
• Keys are generated as a pair– Public Key– Private Key
• Given one key, the other key cannot be derived• Data encrypted with one key can only be decrypted with
the other key
T825 ... Duncan Maidens 25
Pay to Terry Smith £100.00
One Hundred and xx/100 Pounds
A priA pub
BobAlice
EncryptPay to Terry Smith £100.00
One Hundred and xx/100 Pounds
Public Key Encryption
Decrypt
A pub
KJklzeAidJfdlwiej47DlItfd578MNSbXoE
T825 ... Duncan Maidens 26
Does this encryption system solve all our requirements?
• Confidentiality– Yes
• Integrity– No
• Message may be incorrect• Unless we use a hash algorithm
• Authentication– No
• Our public key is publicly available
T825 ... Duncan Maidens 27
How to make Authentication with
Public and Private Keys• Use your own private key to encrypt your
‘signature’
–Digital signature
–You’re the only one with your private key
•Hence the message can be authenticated
–The recipient can check your signature by ‘decrypting’ it with your public key
T825 ... Duncan Maidens 28
Fhlkdhfakjs asjfa1KJklzeAidJfdlwiej47DlItfd578MNSbXoE
‘signature’From Bob (12)
B pri
A pub
Bob
Encrypt
Pay to Terry Smith £100.00( 12 )
Public Key Encryption with Signatures A
pub
Encrypt
B pub
+
T825 ... Duncan Maidens 29
Fhlkdhfakjs asjfa1
KJklzeAidJfdlwiej47DlItfd578MNSbXoE
‘signature’From Bob (12)
A pri
A pub
Alice
Decrypt
Pay to Terry Smith £100.00( 12 )
Public Key Decryption with Signatures
Decrypt
B pub
+
B pub
T825 ... Duncan Maidens 30
Message in transit to Alice
Fhlkdhfakjs asjfa1KJklzeAidJfdlwiej47DlItfd578MNSbXoE
A pub
B pri
MESSAGE SIGNATURE
B pubA pri
Message encrypted with Signature encrypted (signed) with
Message decrypted with Apri. Only Alice can do this. Anyone could have encrypted it
Signature decrypted with BpubAnyone with Bpub can do this, but only the one with Bpri key could have signed it
T825 ... Duncan Maidens 31
Is this secure?
• Relies on knowing you have Bpub and it really is Bob’s public Key
• Need to be sure so get Bob’s public key from a trusted source
• Key must be signed by someone you already trust• You must have the signer’s public key to check their
signature– A trusted key authority (Certificate Authority)
• This is called a digital certificate
T825 ... Duncan Maidens 32
Digital Certificate
Bob’s public Key
AHGAH AJAHJAGJAG AKKUHAKKGK AKAKGGKAKK KGKJG
Signed CA private key
T825 ... Duncan Maidens 33
RSA Algorithm and Prime numbers
• Relies on not being able to derive one key from the other.
• Based on Prime numbers and modular arithmetic.
T825 ... Duncan Maidens 34
Prime number basics.
• Prime numbers – A whole number that can only be divided by itself and
1.– 2,3,5,7,11,13,17,19,23,…….– Do primes go on to infinity?– Can we use a formulae to calculate the list of prime
numbers?– Is there any pattern to their position in the set of
natural numbers.
T825 ... Duncan Maidens 35
Primes in cryptography• Prime numbers and Cryptography
– RSA relies on equations that are easy to compute in one direction, but very difficult in the other.
– For example • 34 * 24 = 816.• What two numbers when multiplied give 816?• Multiple solutions – factorise answer to solve.
– What happens when numbers are primes?• 19*23 = 437.• What two numbers when multiplied give 437?• There is only one solution. How can we find it?• What about the product 1506181? Can you solve it?
T825 ... Duncan Maidens 36
Cryptanalysis of RSA • One method of cracking RSA encryption tries to factorise these
very large products of two primes• Understanding the distribution of primes may be the ‘key’ to
solving this problem.• Many number theorists have tried to understand how primes are
distributed.• One such theory that may help is the Riemann Hypothesis
– The hypothesis concerns the distribution of zeros in Riemann’s zeta function.
– The distribution of zeros has been proved to be the same as the distribution of primes.
– Proving this hypothesis and thus understanding the distribution of primes, could lead to being able to crack RSA encryption.
T825 ... Duncan Maidens 37
With RSA why do we still use a Symmetric System
• RSA with certificates provides Authentication, Confidentiality, and Integrity– However the algorithm is computationally intensive– Not suitable for bulk or real time encryption
• Need Symmetrical encryption for this.– DES, 3DES and AES can be done in real time– Still need the Shared Secret KEY.
T825 ... Duncan Maidens 38
Diffie-Hellman key Exchange
• The Diffie-Hellman algorithm provides a way for two users, Bob and Alice, to establish a shared secret key that only they know– They then use the key for symmetrical encryption (e.g.
3DES)– The shared secret key can be established even
though Bob and Alice are communicating over an insecure channel
T825 ... Duncan Maidens 39
Diffie-Hellman Key Exchange
1. Generate large integer p Send p to Peer B Receive q Generate g2. Generate private key XA
5. Generate shared secret number ZZ = YB^ XA mod p
2. Generate private key XB
3. Generate public key YA = g ^ XA mod p
3. Generate public key YB = g ^ XB mod p
4. Send public key YA 4. Send public key YB 5. Generate shared secret number ZZ = YA^ XB mod p
6. Generate shared secret key from ZZ (56-bit for DES, 168-bit for 3DES)
6. Generate shared secret key from ZZ (56-bit for DES, 168-bit for 3DES)
Peer BPeer A
1. Generate large integer q Send q to Peer A Receive p Generate g
T825 ... Duncan Maidens 40
Very Simple Guide to Diffie Hellman
(without modular arithmetic)Pub = g Pri Let g = 2Alice BobApri = 3 Bpri = 4
Apub = 2 3 = 8 Bpub = 2 4 = 16Apub = 8 Bpub = 16
Remember it is really Pub = g Pri MOD p
We can’t go back from public key
to work out the private key.
SS= BpubApri
= 163= 4096
SS= ApubBpri
= 84= 4096
SS= ( 2Bpri)Apri
= ( 24)3
SS= 2(Bpri * Apri)
= 212 =4096
SS= ( 2Apri)Bpri
= ( 23)4
Choose Private Keys
Generate public keys
Swap public keys
Compute shared secret key
How does it work?
Both ends have same shared secret key
T825 ... Duncan Maidens 41
More Realistic Guide to Diffie Hellman
Pub = g Pri MOD p
g = 5; p = 23
Alice Bob
Apri = 6 Bpri = 15
Apub = 5 6 MOD 23 Bpub = 5 15 MOD 23
Apub = 8Bpub = 19
Remember Pub = g Pri MOD pWe can’t go back !
SS= BpubApri MOD 23 SS= ApubBpr MOD 23 i
SS= 2 SS= 5(6*15) MOD 23 SS= 2SS= 196 MOD 23
SS= 815 MOD 23
T825 ... Duncan Maidens 42
Problem
• How can Bob be sure that he is speaking to Alice when running Diffie-Hellman?
• Some sort of authentication is required– Pre-share keys
• Not scalable– Digital certificates
• Needs a certificate authority• Scalable
T825 ... Duncan Maidens 43
Virtual Private Networks
• A connection over a network (such as the internet) between two other networks, that makes the two networks operate as if they were connected.
• They need not be encrypted, but often are.– Not encrypted GRE - VPN– Encrypted IPSEC - VPN
T825 ... Duncan Maidens 44
Why have VPN’s
T825 ... Duncan Maidens 45
IPSEC - VPN
• IPSEC – VPN
–Encrypt the whole IP datagram (possibly header and all)
–Build a tunnel (Embed the packet in a new IP header)
–Send over insure network to other end of tunnel
T825 ... Duncan Maidens 46
IPSEC Virtual Private Networks
• Use authentication to establish who is at the other end
• Use Diffie-Hellman to generate shared secret keys
• Use symmetrical system (DES) to encrypt data
T825 ... Duncan Maidens 47
VPN usage scenarios
T825 ... Duncan Maidens 48
Pulling it all together
IKE – Internet Key Exchange
IKE – Phase 1 – Uses ISAKMP
IKE – Phase 2 – Uses Transform sets
Access list specifies interesting traffic
Crypto map – pulls it all together
T825 ... Duncan Maidens 49
IPSEC VPN
• ISAKMP POLICY
–Authenticate
–Agree encryption
–Generate keys (group 1,2 or 5)
• IPSEC transform set
–Bulk encryption and authentication method
–Tunnel / transport mode
T825 ... Duncan Maidens 50
IPSEC VPN
• Interesting Traffic for VPN
–Specified by an access list
• Crypto map
–Pulls it all together
–Applied on an interface
T825 ... Duncan Maidens 51
See it in action !
fa 0/0
int fa 0/0crypto map MYMAP
crypto isakmp policy 1 authentication pre-share encryption des hash md5 group 1
crypto map MYMAP 10 ipsec-isakmp set peer x.x.x.x set transform-set MYTRANS match address 100set pfs group 2
access-list 100 permit ip SA DA
crypto isakmp key MYKEY address x.x.x.x
crypto ipsec transform-set MYTRANS esp-des
crypto map MYMAP 10 ipsec-isakmp set peer x.x.x.x set transform-set MYTRANS match address 100set pfs group 2
access-list 100 permit ip SA DA
crypto isakmp policy 1 authentication pre-share encryption des hash md5 group 1
crypto isakmp key MYKEY address x.x.x.xcrypto ipsec transform-set MYTRANS esp-desint fa 0/0crypto map MYMAP
T825 ... Duncan Maidens 52
Perfect Forward Secrecy
• With no pfs set the keys for IKE phase 2 are derived from the keys in phase 1.
• With pfs set we re-run Diffie Hellman for each set of keys we need in phase 2.
T825 ... Duncan Maidens 53
GRE Generic Route Encapsulation
• Why– To allow routing traffic over a VPN by making it unicast
• Could we run unicast with neighbour statements?• Multicast has been supported for IPSEC since 12.24 T• We need it to make the interfaces we wish to neighbour
be the same Subnet . That way they appear directly connected.
T825 ... Duncan Maidens 54
R1 and R3 can neighbour.
T825 ... Duncan Maidens 55
The data flow with Secure GRE
Tunnel 0
Serial 0
Routed
GRE traffic
IP traffic
IPSEC traffic•CRYPTO MAP HERE•GRE is interesting traffic.
T825 ... Duncan Maidens 56
The Encapsulation with Secure GRE
IP GRE IPSEC
Tunnel Interface
Serial Interface
T825 ... Duncan Maidens 57
And …
• Multiple VPNs from a single interface.• IPSEC – MANUAL• SSL VPN in CCNA-SEC
T825 ... Duncan Maidens 58
The End