Basic Network Security_Primer

null Bangalore Chapter - August - September 2013 Meet

Page 1: Basic Network Security_Primer

© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Public 1

Network Security Primer

Authentication and Encryption Techniques

Akshat Sharma,

Cisco Systems

Page 4

Diagram: three-tier campus topology. Core and distribution layers built on Catalyst 4500 and Catalyst 3750 switches; access layer on Catalyst 2960S switches, with video-conferencing units and server farms attached.

Page 5

Diagram: the access-control building blocks covered in this deck: 802.1X, MAB, Web Auth, VLANs, ACLs and SGTs (Security Group Tags).

Page 7

• Defined by IEEE (IEEE 802.1X) and designed to provide port-based network access control.

• 802.1X authenticates network clients using an identity unique to the client and credentials known only to the client (and to the authentication server that validates them).

• The service is known as port-level (port-based) authentication: until authentication succeeds, the switch port forwards only the EAPOL frames needed to authenticate, nothing else.

Page 8

Common credential types, the back end that validates each, and a sample entry:

• Passwords: username/password directory (e.g. alice / c1sC0L1v)

• Certificates: certificate authority

• Tokens: token server

Deployment best practices:

• Re-use existing credentials

• Understand the limitations of existing systems

Deciding factors:

• Security policy

• Validation

• Distribution & maintenance

Page 9

• The framework is defined by three roles in the authentication process:

1. The supplicant: possibly a standalone device or an end user, such as a remote user.

2. The authenticator: a device to which the supplicant directly connects and through which the supplicant obtains network access permission.

3. The authentication server: the authenticator acts as a gateway to the authentication server, which is responsible for actually authenticating the supplicant.

Page 10

Diagram: the supplicant (client) connects at the enterprise edge / semi-public network to the authenticator (e.g. switch, access point; the port access entity, PAE). The authenticator acts as the NAS and relays the exchange over RADIUS to the authentication server (RADIUS server, backed by LDAP or Kerberos) inside the enterprise network.

Page 11

• EAP: Extensible Authentication Protocol

A flexible protocol used to carry arbitrary authentication methods; the method itself (e.g. EAP-TLS, PEAP, EAP-MD5) is negotiated inside EAP.

Typically rides on top of another protocol: 802.1X (EAP over LAN, EAPOL) between supplicant and authenticator, and RADIUS (EAP-Message attributes) between authenticator and authentication server. TACACS+ is used for device-administration AAA; it does not carry EAP.

• EAP Messages

Request: sent to the supplicant to indicate a challenge

Response: the supplicant's reply; it carries the same Identifier as the Request it answers

Success: notification to the supplicant of success

Failure: notification to the supplicant of failure

Success and Failure carry no method data; only Request and Response carry a Type field.

Page 14

Message flow between the Ethernet laptop (supplicant), the 802.1X authenticator/bridge and the RADIUS server. The left leg is EAPOL, the right leg is RADIUS:

1. Port connect; access blocked.

2. Supplicant → Authenticator: EAPOL-Start

3. Authenticator → Supplicant: EAP-Request/Identity

4. Supplicant → Authenticator: EAP-Response/Identity

5. Authenticator → RADIUS server: RADIUS Access-Request (carrying the EAP-Response)

6. RADIUS server → Authenticator: RADIUS Access-Challenge, relayed to the supplicant as EAP-Request

7. Supplicant → Authenticator: EAP-Response (credentials), relayed in a RADIUS Access-Request

8. RADIUS server → Authenticator: RADIUS Access-Accept, relayed as EAP-Success

9. Access allowed.
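The exchange above, as an added worked example that is not part of the original slides: a minimal Python model of the three roles. Frame and packet layouts follow IEEE 802.1X (EAPOL) and RFC 3748 (EAP); the inner method is EAP-MD5, chosen because it fits in a few lines, not because it is recommended (it provides no server authentication or key derivation and must not be used on wireless). The RADIUS leg is modelled as a direct function call, and the class names, the sample directory entry alice / c1sC0L1v (taken from the credentials slide) and the port states "blocked" / "authorized" are assumptions of the example.

```python
"""Added example, not from the original slides: encode/parse IEEE 802.1X
EAPOL frames and the EAP packets inside them, then drive the exchange on
the slide with EAP-MD5 (RFC 3748 s.5.4) as the inner method.  The RADIUS
leg is a direct call: the authenticator only relays EAP to the server."""
import hashlib
import hmac
import os
import struct
from typing import Dict, Optional, Tuple

EAPOL_EAP_PACKET, EAPOL_START = 0, 1                               # EAPOL packet types
EAP_REQUEST, EAP_RESPONSE, EAP_SUCCESS, EAP_FAILURE = 1, 2, 3, 4  # EAP codes
EAP_TYPE_IDENTITY, EAP_TYPE_MD5 = 1, 4                             # EAP types

def eapol(pkt_type: int, body: bytes = b"", version: int = 2) -> bytes:
    """EAPOL header: version(1) type(1) body-length(2), network byte order."""
    return struct.pack("!BBH", version, pkt_type, len(body)) + body

def parse_eapol(frame: bytes) -> Tuple[int, bytes]:
    _version, pkt_type, length = struct.unpack("!BBH", frame[:4])
    if len(frame) < 4 + length:
        raise ValueError("truncated EAPOL frame")
    return pkt_type, frame[4:4 + length]       # Ethernet padding past the length is ignored

def eap(code: int, ident: int, eap_type: Optional[int] = None, data: bytes = b"") -> bytes:
    """EAP packet: code(1) id(1) length(2) [type(1) type-data]; Success/Failure carry no type."""
    body = b"" if eap_type is None else bytes([eap_type]) + data
    return struct.pack("!BBH", code, ident, 4 + len(body)) + body

def parse_eap(pkt: bytes) -> Tuple[int, int, Optional[int], bytes]:
    code, ident, length = struct.unpack("!BBH", pkt[:4])
    if length < 4 or len(pkt) < length:
        raise ValueError("bad EAP length")
    body = pkt[4:length]
    if code in (EAP_SUCCESS, EAP_FAILURE):
        return code, ident, None, b""
    if not body:
        raise ValueError("EAP Request/Response must carry a Type")
    return code, ident, body[0], body[1:]

def md5_chap(ident: int, secret: bytes, challenge: bytes) -> bytes:
    """EAP-MD5 response value: MD5(Identifier || secret || challenge), as in CHAP."""
    return hashlib.md5(bytes([ident]) + secret + challenge).digest()

class AuthServer:
    """RADIUS server role: the only party holding the credential directory."""
    def __init__(self, directory: Dict[bytes, bytes]):
        self.directory, self.pending = directory, {}

    def handle(self, eap_resp: bytes) -> bytes:
        code, ident, eap_type, data = parse_eap(eap_resp)
        if code == EAP_RESPONSE and eap_type == EAP_TYPE_IDENTITY:
            next_id, challenge = (ident + 1) & 0xFF, os.urandom(16)
            self.pending[next_id] = (data, challenge)
            # returned to the authenticator inside RADIUS Access-Challenge
            return eap(EAP_REQUEST, next_id, EAP_TYPE_MD5, bytes([16]) + challenge)
        if code == EAP_RESPONSE and eap_type == EAP_TYPE_MD5 and ident in self.pending:
            identity, challenge = self.pending.pop(ident)
            value = data[1:1 + data[0]]
            expected = md5_chap(ident, self.directory.get(identity, b""), challenge)
            ok = identity in self.directory and hmac.compare_digest(value, expected)
            # Access-Accept carries EAP-Success, Access-Reject carries EAP-Failure
            return eap(EAP_SUCCESS if ok else EAP_FAILURE, ident)
        return eap(EAP_FAILURE, ident)

class Supplicant:
    def __init__(self, identity: bytes, secret: bytes):
        self.identity, self.secret = identity, secret

    def respond(self, eap_req: bytes) -> bytes:
        code, ident, eap_type, data = parse_eap(eap_req)
        if code != EAP_REQUEST:
            raise ValueError("supplicant only answers EAP-Request")
        if eap_type == EAP_TYPE_IDENTITY:
            return eap(EAP_RESPONSE, ident, EAP_TYPE_IDENTITY, self.identity)
        if eap_type == EAP_TYPE_MD5:
            value = md5_chap(ident, self.secret, data[1:1 + data[0]])
            return eap(EAP_RESPONSE, ident, EAP_TYPE_MD5, bytes([16]) + value + self.identity)
        raise ValueError("unsupported EAP method")

def authenticate(supplicant: Supplicant, server: AuthServer) -> str:
    """Authenticator role: the port stays 'blocked' until the server's EAP-Success."""
    assert parse_eapol(eapol(EAPOL_START))[0] == EAPOL_START   # EAPOL-Start from the supplicant
    request = eap(EAP_REQUEST, 1, EAP_TYPE_IDENTITY)           # EAP-Request/Identity
    while True:
        _, on_wire = parse_eapol(eapol(EAPOL_EAP_PACKET, request))   # EAPOL leg
        reply = server.handle(supplicant.respond(on_wire))           # RADIUS Access-Request leg
        code = parse_eap(reply)[0]
        if code == EAP_SUCCESS:
            return "authorized"        # Access-Accept -> EAP-Success, port opens
        if code == EAP_FAILURE:
            return "blocked"           # Access-Reject -> EAP-Failure, port stays closed
        request = reply                # Access-Challenge -> next EAP-Request

DIRECTORY = {b"alice": b"c1sC0L1v"}   # constructed directory with the slide's sample credential

if __name__ == "__main__":
    print(authenticate(Supplicant(b"alice", b"c1sC0L1v"), AuthServer(DIRECTORY)))   # authorized
    print(authenticate(Supplicant(b"alice", b"guess"), AuthServer(DIRECTORY)))      # blocked
```

Note what the authenticator never sees: the password and the directory stay on the server, and the authenticator only opens the port on an EAP-Success that arrived from the server. A supplicant that sends EAP-Success to itself gains nothing, which is the point of splitting the authenticator and authentication-server roles.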

Page 16

• MAB stands for MAC Authentication Bypass.

• It enables port-based access control using the MAC address of the endpoint: the switch learns the source MAC of the first frame it sees and sends it to the RADIUS server as the endpoint's identity.

• A MAB-enabled port can be dynamically enabled or disabled based on the MAC address of the device that connects to it.

• Caveat: a MAC address is neither secret nor hard to spoof, so MAB identifies a device, it does not authenticate it. Use it for endpoints that cannot run a supplicant (printers, phones, cameras) and keep the VLAN and ACL that a MAB-authorized port receives as restrictive as the device's role allows.
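MAB on the wire, as an added worked example that is not part of the original slides: the RADIUS Access-Request a MAB-enabled switch (NAS) sends for an endpoint's MAC address, the RFC 2865 password-hiding step, and the Response Authenticator check the switch must run before it trusts an Access-Accept. Attribute numbers and the MD5 constructions are those of RFC 2865. The MAC-address format (12 lower-case hex digits as both User-Name and User-Password, with Service-Type = Call-Check) is the usual IOS behaviour but is configurable; the shared secret, the allow-list and the server_reply function are constructed stand-ins for a real RADIUS server.

```python
"""Added example, not from the original slides: the RADIUS Access-Request a
MAB-enabled switch (NAS) sends for an endpoint's MAC address, the RFC 2865
s.5.2 password hiding, and the Response Authenticator check (s.3) the NAS
must run before it trusts an Access-Accept.  server_reply is a constructed
stand-in for the RADIUS server's MAB policy (a MAC allow-list)."""
import hashlib
import hmac
import os
import struct
from typing import List, Set, Tuple

ACCESS_REQUEST, ACCESS_ACCEPT, ACCESS_REJECT = 1, 2, 3
ATTR_USER_NAME, ATTR_USER_PASSWORD, ATTR_SERVICE_TYPE = 1, 2, 6
SERVICE_TYPE_CALL_CHECK = 10          # Service-Type value IOS sends for MAB requests

def attr(attr_type: int, value: bytes) -> bytes:
    """Attribute TLV: type(1) length(1, includes the two header bytes) value."""
    if not 1 <= len(value) <= 253:
        raise ValueError("attribute value must be 1..253 bytes")
    return struct.pack("!BB", attr_type, 2 + len(value)) + value

def parse_attrs(blob: bytes) -> List[Tuple[int, bytes]]:
    out, pos = [], 0
    while pos < len(blob):
        a_type, a_len = blob[pos], blob[pos + 1]
        if a_len < 2 or pos + a_len > len(blob):
            raise ValueError("malformed attribute")
        out.append((a_type, blob[pos + 2:pos + a_len]))
        pos += a_len
    return out

def hide_password(password: bytes, secret: bytes, req_auth: bytes) -> bytes:
    """RFC 2865 s.5.2: pad to 16n; c_i = p_i XOR MD5(secret || c_{i-1}), c_0 = RequestAuth."""
    padded = password + bytes((-len(password)) % 16)
    out, prev = b"", req_auth
    for i in range(0, len(padded), 16):
        prev = bytes(a ^ b for a, b in zip(padded[i:i + 16], hashlib.md5(secret + prev).digest()))
        out += prev
    return out

def unhide_password(hidden: bytes, secret: bytes, req_auth: bytes) -> bytes:
    out, prev = b"", req_auth
    for i in range(0, len(hidden), 16):
        out += bytes(a ^ b for a, b in zip(hidden[i:i + 16], hashlib.md5(secret + prev).digest()))
        prev = hidden[i:i + 16]
    return out.rstrip(b"\x00")

def packet(code: int, ident: int, authenticator: bytes, attrs: bytes) -> bytes:
    """RADIUS header: code(1) identifier(1) length(2) authenticator(16), then attributes."""
    return struct.pack("!BBH", code, ident, 20 + len(attrs)) + authenticator + attrs

def response_authenticator(code: int, ident: int, req_auth: bytes, attrs: bytes, secret: bytes) -> bytes:
    """RFC 2865 s.3: MD5(Code || ID || Length || RequestAuth || Attributes || Secret)."""
    header = struct.pack("!BBH", code, ident, 20 + len(attrs))
    return hashlib.md5(header + req_auth + attrs + secret).digest()

def mab_access_request(mac: str, secret: bytes, ident: int) -> bytes:
    """NAS side: with MAB the MAC is both User-Name and User-Password (IOS default format)."""
    req_auth = os.urandom(16)                       # fresh Request Authenticator per request
    attrs = (attr(ATTR_USER_NAME, mac.encode())
             + attr(ATTR_USER_PASSWORD, hide_password(mac.encode(), secret, req_auth))
             + attr(ATTR_SERVICE_TYPE, struct.pack("!I", SERVICE_TYPE_CALL_CHECK)))
    return packet(ACCESS_REQUEST, ident, req_auth, attrs)

def server_reply(request: bytes, secret: bytes, allowed_macs: Set[str]) -> bytes:
    """Constructed RADIUS-server stand-in: accept iff the MAC is on the allow-list."""
    code, ident, length = struct.unpack("!BBH", request[:4])
    req_auth, attrs = request[4:20], dict(parse_attrs(request[20:length]))
    name = attrs.get(ATTR_USER_NAME, b"")
    password = unhide_password(attrs.get(ATTR_USER_PASSWORD, b""), secret, req_auth)
    ok = code == ACCESS_REQUEST and name == password and name.decode("ascii", "replace") in allowed_macs
    reply_code = ACCESS_ACCEPT if ok else ACCESS_REJECT
    return packet(reply_code, ident, response_authenticator(reply_code, ident, req_auth, b"", secret), b"")

def nas_check_reply(request: bytes, reply: bytes, secret: bytes) -> str:
    """NAS side: trust the reply only if the ID matches and the Response Authenticator verifies."""
    req_ident, req_auth = request[1], request[4:20]
    code, ident, length = struct.unpack("!BBH", reply[:4])
    expected = response_authenticator(code, ident, req_auth, reply[20:length], secret)
    if ident != req_ident or not hmac.compare_digest(reply[4:20], expected):
        return "discard"                            # forged or replayed reply: ignore it
    return "authorized" if code == ACCESS_ACCEPT else "blocked"

SECRET = b"constructed-shared-secret"              # constructed NAS/server shared secret
ALLOWED = {"001122334455"}                          # constructed allow-list: the printer's MAC

if __name__ == "__main__":
    req = mab_access_request("001122334455", SECRET, 42)
    print(nas_check_reply(req, server_reply(req, SECRET, ALLOWED), SECRET))   # authorized
```

Two things the code makes visible. First, the only thing protecting an Access-Accept from being forged by someone on the path between switch and server is the MD5-based Response Authenticator keyed with the shared secret, so the secret must be long and random and RADIUS should run over a management network or RADIUS/TLS. Second, anyone who sets their interface MAC to the printer's address produces an identical, valid Access-Request: MAB proves possession of a MAC, nothing more.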

Page 18

• WebAuth is a Layer 3 authentication method: the user authenticates through a web page, so the client must first obtain an IP address.

• After IEEE 802.1X (or MAB) has timed out or failed, the port is opened just enough to allow the packets required for WebAuth.

• After the port has been opened, the switch enforces a preconfigured ACL on the port (in whatever VLAN the port belongs to) until WebAuth succeeds.

• At a minimum, the preconfigured ACL should allow only the traffic required to complete the WebAuth process. In most cases, the ACL should at least allow DHCP (so the client can acquire an address), DNS (so the client can trigger WebAuth when using fully qualified domain names in URLs) and HTTP (so the switch can intercept the request and redirect to its login page). A pre-authentication ACL of permit ip any any defeats the purpose: it gives every failed 802.1X/MAB client full access.
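One way to express the fallback the slide describes, as an added illustration rather than configuration taken from the deck. The syntax is Cisco IOS of the Catalyst 3750/2960S era; exact commands vary by release and must be checked against the platform's configuration guide, and the ACL, profile and interface names are assumed.

```text
! Pre-authentication ACL: only what WebAuth itself needs.
! (A common mistake is "permit ip any any" here, which opens the port to any
!  client that simply fails 802.1X and MAB.)
ip access-list extended PRE-WEBAUTH
 permit udp any any eq bootps
 permit udp any any eq bootpc
 permit udp any any eq domain
 permit tcp any any eq www
 permit tcp any any eq 443
 deny   ip any any

! Web authentication served by the switch as an HTTP proxy
ip admission name WEBAUTH proxy http

! Fallback profile: applied only after 802.1X and MAB fail or time out
fallback profile WEBAUTH-FALLBACK
 ip access-group PRE-WEBAUTH in
 ip admission WEBAUTH

interface GigabitEthernet1/0/1
 switchport mode access
 authentication order dot1x mab
 authentication priority dot1x mab
 authentication port-control auto
 authentication event fail action next-method
 authentication fallback WEBAUTH-FALLBACK
 mab
 dot1x pae authenticator
```

The ordering matters: dot1x is tried first, MAB next, and the fallback profile (with its restrictive ACL) only after both have failed, which is the sequence the next slide draws.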

Page 20

Diagram: sequential fallback on one access port. The access switch connects over an 802.1Q trunk to the distribution layer, with the AAA server, corporate resources and the Internet behind it.

• Employee: EAP authentication succeeds → employee VLAN, with access to corporate resources and the Internet.

• Printer: 802.1X fails (no supplicant) → MAB matches the printer's MAC → employee VLAN.

• Guest user: 802.1X fails, MAB fails → Web-Auth → guest VLAN (Internet access).

Page 22

• Brute-force considerations: 128- to 256-bit keys.

• Landauer's limit: changing one bit of state costs at least kT ln 2 of energy, so merely stepping a counter through all 2^128 values needs on the order of 10^18 joules at room temperature. Exhaustive search of a 128-bit key is ruled out by physics, not just by today's hardware.

• Available wireless encryption techniques: WEP (outdated); WPA + TKIP (most compatible, less secure); WPA2 + AES (most secure).

• DO NOT use WEP!

• PKI for strong authentication and encryption: WPA2-AES together with certificate-based (PKI) 802.1X, i.e. EAP-TLS.

Page 23

• WEP is essentially a keystream generator: RC4 acts as a pseudo-random number generator whose output is XORed with each data packet.

• Start with a generic 802.11 packet.

• Concatenate the 24-bit IV with the secret key and use the result to seed the RC4 stream cipher, which produces the pseudo-random keystream.

• Compute a CRC-32 over the data portion of the packet; this value is the ICV (Integrity Check Value).

• (Data || ICV) XOR keystream = the encrypted portion of the WEP packet; the IV is sent in the clear alongside it, because the receiver needs it to regenerate the same keystream.

Page 24

Diagram: WEP encapsulation. Inputs: a generic 802.11 packet frame (Frame Header | Frame Body | FCS), the 40-bit secret key (shared before communication begins) and a 24-bit IV (created by the sending device). IV || secret key seeds the RC4 algorithm; the integrity check algorithm (CRC-32) computes the ICV over the frame body; Frame Body || ICV is XORed with the RC4 output. Resulting WEP packet frame: Frame Header | IV | Frame Body | ICV | FCS, where the Frame Body and ICV are the encrypted part.

Page 25

• Key generation

• ICV generation

• Weak keys and weak IVs

• WEP attacks

Page 26

• The main problems of WEP are in key generation and key handling.

• The secret key is too small: only 40 bits in the original standard (a 104-bit variant exists, but it does not fix the design flaws below). Very susceptible to brute-force attacks.

• The IV is too small: 24 bits, so only about 16 million (2^24) possibilities for every packet. On a busy network an IV repeats within hours, and a repeated IV means the same RC4 keystream is used twice.

• The secret key is configured on, and readable from, every client, therefore it is not really secret.

• Key distribution is done manually, so in practice keys are rarely changed.

Page 27

• The ICV is generated from a cyclic redundancy check (CRC-32).

Only a simple arithmetic computation that anyone can perform; it is linear and not cryptographically secure (it is a checksum, not a keyed MAC).

• Because CRC-32 is linear, an attacker can flip chosen bits in an encrypted packet and adjust the encrypted ICV so that it still verifies, without knowing the key; the AP accepts the modified packet and reacts to it.
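The WEP construction from the preceding slides and the ICV weakness above, as an added worked example that is not from the original deck: WEP encapsulation exactly as described (IV || secret key seeds RC4, CRC-32 ICV, XOR with the keystream), followed by two attacks that follow directly from the weaknesses listed: keystream reuse when the 24-bit IV repeats, and the bit-flipping forgery that CRC-32's linearity permits. RC4 is implemented inline for the demo; the key, IV and packet contents are constructed sample values.

```python
"""Added example, not from the original slides: WEP encapsulation as the
slides describe it (per-packet key = IV || secret key -> RC4 keystream;
ICV = CRC-32 of the payload; (payload || ICV) XOR keystream), then two
attacks the weaknesses permit: keystream reuse when an IV repeats, and
bit-flipping a packet while repairing the ICV without the key, because
CRC-32 is linear rather than a MAC.  RC4 is implemented inline."""
import struct
import zlib

def rc4_keystream(key: bytes, n: int) -> bytes:
    s, j = list(range(256)), 0
    for i in range(256):                                   # key-scheduling algorithm
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out, i, j = bytearray(), 0, 0
    for _ in range(n):                                     # pseudo-random generation
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def icv(data: bytes) -> bytes:
    return struct.pack("<I", zlib.crc32(data))             # CRC-32, little-endian as in 802.11

def wep_encrypt(secret_key: bytes, iv: bytes, payload: bytes) -> bytes:
    """Returns IV || RC4_{IV||key}(payload || ICV).  The IV travels in the clear."""
    assert len(secret_key) == 5 and len(iv) == 3           # 40-bit key, 24-bit IV
    body = payload + icv(payload)
    return iv + xor(body, rc4_keystream(iv + secret_key, len(body)))

def wep_decrypt(secret_key: bytes, frame: bytes):
    """Returns (icv_ok, payload).  A real AP drops the frame when icv_ok is False."""
    iv, ct = frame[:3], frame[3:]
    body = xor(ct, rc4_keystream(iv + secret_key, len(ct)))
    payload, tag = body[:-4], body[-4:]
    return tag == icv(payload), payload

# Attack 1: IV reuse. Same IV => same keystream, so ct_a XOR ct_b = (p_a||icv_a) XOR (p_b||icv_b).
def recover_with_known_plaintext(frame_a: bytes, payload_a: bytes, frame_b: bytes) -> bytes:
    assert frame_a[:3] == frame_b[:3], "attack needs a repeated IV"
    keystream = xor(frame_a[3:], payload_a + icv(payload_a))   # keystream falls out of one known packet
    return xor(frame_b[3:], keystream)[:-4]                    # and decrypts every other packet with that IV

# Attack 2: bit-flipping. crc32(p XOR d) = crc32(p) XOR crc32(d) XOR crc32(0^n), so XORing
# (d || crc32(d) XOR crc32(0^n)) onto the ciphertext leaves the ICV valid, key unknown.
def forge(frame: bytes, delta: bytes) -> bytes:
    iv, ct = frame[:3], frame[3:]
    assert len(ct) == len(delta) + 4
    icv_delta = zlib.crc32(delta) ^ zlib.crc32(bytes(len(delta)))
    return iv + xor(ct, delta + struct.pack("<I", icv_delta))

def bitflip_mask(original: bytes, wanted: bytes, offset: int, total_len: int) -> bytes:
    """Delta that turns `original` into `wanted` at `offset` and leaves every other byte alone."""
    return bytes(offset) + xor(original, wanted) + bytes(total_len - offset - len(original))

KEY = b"\x01\x02\x03\x04\x05"       # constructed 40-bit WEP key; the attacker never learns it
IV = b"\x00\x00\x01"                # constructed 24-bit IV

if __name__ == "__main__":
    msg = b"transfer 0010 to acct 1234"
    frame = wep_encrypt(KEY, IV, msg)
    delta = bitflip_mask(b"0010", b"9999", 9, len(msg))
    print(wep_decrypt(KEY, forge(frame, delta)))   # (True, b'transfer 9999 to acct 1234')
```

The forgery needs only the position of the bytes to change, which the predictable LLC/SNAP and IP headers mentioned two slides later supply; this is why WPA2 replaced the CRC with a keyed integrity check (CCMP's CBC-MAC) and made the per-packet nonce unique.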

Page 28

• Certain per-packet keys are weak: for them, the first bytes of RC4 output reveal a relationship between the key and the keystream, and therefore between plaintext and ciphertext.

Of the roughly 16 million possible IVs, approximately 9,000 are weak in this sense (the class of IVs identified by Fluhrer, Mantin and Shamir).

• Because the per-packet RC4 key is IV || secret key, a weak IV makes the whole per-packet key weak; collecting enough weak-IV packets lets an attacker recover the secret key byte by byte.

Page 29

• Replay

Capture ciphertext and retransmit it later (choosing, from statistics gathered over many frames, the ciphertext that provokes the wanted reaction from the AP or server). WEP has no replay protection.

• 802.11 LLC encapsulation

Predictable LLC/SNAP headers at the start of every frame give known plaintext/ciphertext pairs, and hence the first bytes of keystream, for free.

• Denial of service attacks

Flooding the 2.4 GHz band with noise.

Page 30

• 802.1X

• WPA

• 802.11i (WPA2)

• All much more secure than WEP.

Page 33

Diagram: symmetric encryption. Plain-text input “The quick brown fox jumps over the lazy dog” → Encryption → cipher-text “AxCv;5bmEseTfid3)fGsmWe#4^,sdgfMwir3:dkJeTsY8R\s@!q3%” → Decryption → plain-text output “The quick brown fox jumps over the lazy dog”. The same key (shared secret) is used for both encryption and decryption.

Page 34

• Strength:

Simple and very fast (on the order of 1,000 to 10,000 times faster than asymmetric mechanisms).

Super-fast if done in hardware (DES, Rijndael/AES), and somewhat more secure when the key never leaves the hardware; DES itself is obsolete, AES is the current standard.

• Weakness:

The parties must agree the key beforehand.

The key must be securely passed to the other party.

Page 35

• Knowledge of the encryption key does not give you knowledge of the decryption key.

• The receiver of information generates a pair of keys and publishes the public key in a directory.

• Then anyone can send the receiver messages that only the receiver, holding the private key, can read.

Page 36

Diagram: asymmetric encryption. Clear-text input “The quick brown fox jumps over the lazy dog” → Encryption with the recipient's public key → cipher-text “Py75c%bn&*)9|fDe^bDFaq#xzjFr@g5=&nmdFg$5knvMd’rkvegMs” → Decryption with the recipient's private key → clear-text output “The quick brown fox jumps over the lazy dog”. Different keys are used on the two sides: public for encryption, private for decryption.

Page 37

• Weakness:

Extremely slow compared with symmetric ciphers.

Textbook RSA (no padding) is malleable and susceptible to chosen-ciphertext attacks, so a padding scheme such as OAEP must be used.

Problem of trusting the public key (see later on PKI).

• Strength:

Solves the problem of passing the key.

Allows establishment of a trust context between parties.

Page 38

Diagram: digital envelope, sending side. An RNG produces a randomly generated symmetric “session” key. The message (“Launch key for nuclear missile ‘RedHeat’ is...”) is encrypted with that session key using symmetric encryption (e.g. DES), giving the cipher-text “*#$fjda^ju539!3tt389E *&\@5e%32\^kd”. The session key is encrypted asymmetrically (e.g. RSA) under the user's public key (taken from the user's certificate) to form the digital envelope. As above, the envelope step is repeated for other recipients or for recovery agents named in the recovery policy, each using that recipient's or agent's public key (in certificate).

Page 39

Diagram: digital envelope, receiving side. The digital envelope contains the “session” key encrypted using the recipient's public key; the session key must be decrypted using the recipient's private key (asymmetric decryption of the session key, e.g. RSA). Symmetric decryption (e.g. DES) of the cipher-text “*#$fjda^ju539!3tt389E *&\@5e%32\^kd” with the recovered symmetric session key returns the message “Launch key for nuclear missile ‘RedHeat’ is...”.

Page 40

• We just solved the problem of symmetric key distribution by using public/private keys.

• But…

• Scott creates a keypair (private/public) and quickly tells the world that the public key he published belongs to Bill.

• People send confidential stuff to Bill, encrypted under the key that is really Scott's.

• Bill does not have the matching private key and cannot read them…

• Scott does, and reads Bill's messages.

• Solution? Remember digital signatures? A trusted third party signs the binding between a name and a public key, producing a certificate (see PKI).

Page 41

Diagram: creating a digital signature. A one-way message digest function (hash; SHA, MD5) calculates a short message digest (128 bits for MD5: “Jrf843kjfgf*£$&Hdif*7oUsd*&@:<CHDFHSD(**”) from even a long input, the message or file “This is a really long message about Bill's…”. Asymmetric encryption of the digest with the signatory's private key yields the digital signature “Py75c%bn&*)9|fDe^bDFaq#xzjFr@g5=&nmdFg$5knvMd’rkvegMs”.

Page 42

Diagram: verifying a digital signature. The digital signature “Py75c%bn&*)9|fDe^bDFaq#xzjFr@g5=&nmdFg$5knvMd’rkvegMs” is decrypted asymmetrically (e.g. RSA) with the signatory's public key, to which everyone has trusted access, recovering the digest “Jrf843kjfgf*£$&Hdif*7oUsd*&@:<CHDFHSD(**”. The same hash function (e.g. MD5, SHA…) is run over the received original message “This is a really long message about Bill's…”. Are they the same? If the two digests match, the signature verifies.

Page 43

• Message is captured.

• Hash value of the message is calculated.

• Sender's private key is retrieved from the sender's own key store (the digital certificate carries only the public key; the private key never leaves the sender).

• Hash value is encrypted with the sender's private key.

• Encrypted hash value is appended to the message as a digital signature.

• Message is sent.

Page 44

• Message is received.

• Digital signature containing the encrypted hash value is retrieved from the message.

• Message is retrieved.

• Hash value of the message is calculated.

• Sender's public key is retrieved from the sender's digital certificate.

• Encrypted hash value is decrypted with the sender's public key.

• Decrypted hash value is compared against the hash value produced on receipt.

• If the values match, the message is valid: it was signed by the holder of the private key and has not been altered since.