CT30A8800 Secured communications

Transcription

1 CT30A8800 Secured communications Pekka Jäppinen September 11, 2007 Pekka Jäppinen, Lappeenranta University of Technology: September 11, 2007

2 General Ti Secured Communications Lecturer: Pekka Jäppinen Contact: 1. period Tue: Room 6623 Lectures: 1st period Tue: room 1382 Exercises: 8-10 room 6325 Seminars: End of 2nd period Coding work: By the end of January (can be returned as soon as it is finished) Course webpage: Pekka Jäppinen, Lappeenranta University of Technology: September 11, /17

3 Literacy Lectures: Schneier: Applied Cryptography Trappe & Washington: Introduction to Cryptography with Coding Theory Menezes et al: Handbook of Applied Cryptography Stallings: Cryptography and network Security Pekka Jäppinen, Lappeenranta University of Technology: September 11, /17

4 Grading Maximum points from the course is < > Exam : 40p (min 20p) Practical work: 30p (min 10p) Seminar: 30p (min 15) Written part (15p) Presentation (15p) Bonus points can be gained by participating exercises and being active in seminars Pekka Jäppinen, Lappeenranta University of Technology: September 11, /17

5 Seminar (see details on course webpage) This year the seminar topics will consist of existing security protocols. You can suggest Written part Write a document that describes the protocol or part of it and evaluates its good and bad points Presentation ~30 minutes Describe the protocol and give your own analysis of it s security Discussion: ~15 minutes Pekka Jäppinen, Lappeenranta University of Technology: September 11, /17

6 Audience can give their own questions and comments about protocol. Activity and knowledge here will give extra points and can enhance your grade. Pekka Jäppinen, Lappeenranta University of Technology: September 11, /17

7 Practical assignment Create a secured communication channel between two computers. Any programming language can be used One security method should be created by hand i.e. programmed from scratch by yourself, for others existing libraries can be used. Assigments are returned personally and their functionality is demonstrated to the lecturer. There will be questions about the implementation during your presentation, so you better be able to justify your solution Pekka Jäppinen, Lappeenranta University of Technology: September 11, /17

8 Cryptographic techniques used are selected with algorithm stated on course web page, where additional details also exist. Pekka Jäppinen, Lappeenranta University of Technology: September 11, /17

9 What is communication Communication is transfer of data between two or more communicating partners. Between communicating partners is formed a communication channel Communication channel can be formed over variety of communication mediums Information can be transmitted in digital or analog form This course concentrates on digital trasmissions Basic threats against communication channel Pekka Jäppinen, Lappeenranta University of Technology: September 11, /17

10 Unauthorised connection Eavesdropping of communication Transmitted data: Modification Repetition Denying of the data transfer Pekka Jäppinen, Lappeenranta University of Technology: September 11, /17

11 Communication medium Wired Copper cable Information is transmitted in electricity Eavesdropping is possible by using inductance Fiber Information is transmitted as light, eavesdropping on wire is not possible Wireless Infrared (IrDA) Signal is directed, but is easily reflected all around and thus possible to eavesdrop Pekka Jäppinen, Lappeenranta University of Technology: September 11, /17

12 Radio (802.11*,GSM,GPRS,Bluetooth,zigbee...) Signal travels freely in the air and there are lot of potential eavesdroppers. Authentication is very important Sonic communications same problems than Radio based systems Pekka Jäppinen, Lappeenranta University of Technology: September 11, /17

13 General defense methods Physical defense Prevent attacker to have acces on transmission path Hard and expensive in many cases Software based defence Authentication: Verifies the identity of the communication partners Encryption : protects from eavesdrop and data modification (modification can be noticed) Digital signatures: Verifies the authenticity of the data, protects against denying, reveals changes in data. Timestamps: Prevents message repetitions Pekka Jäppinen, Lappeenranta University of Technology: September 11, /17

14 General secure communication protocol Can be used for practical assignment Tasks done prior the connection forming 1. Creation of asymmetric keys 2. Exchange of asymmetric keys (could be done during the connection creation too) The actual protcol 1. (authentication of communication partners if desired) Pekka Jäppinen, Lappeenranta University of Technology: September 11, /17

15 2. Creation of symmetric key 3. Exchange of symmetric key (authentication can be done during this step too) 4. Encryption of the data packet with symmetric cipher 5. calculation of hash value of the packet 6. Signing of the hash 7. Transmitting the packet 8. Receiving the packet 9. Decryption of packet Pekka Jäppinen, Lappeenranta University of Technology: September 11, /17

16 10. Validation of the signature with hash Pekka Jäppinen, Lappeenranta University of Technology: September 11, /17

17 Course structure 1. Mathematics (a) The basic issues about modular algebra that is needed to have understanding on principles of some cryptographic systems. 2. Asymmetric cryptography 3. Symmetric cryptography 4. Hash functions 5. Digital signatures Pekka Jäppinen, Lappeenranta University of Technology: September 11, /17

18 6. Encryption keys and key exchange. 7. Authentication 8. Protocol security 9. Existing protocols (WPA,TLS, IPSEC...) 10. Seminar presentations Pekka Jäppinen, Lappeenranta University of Technology: September 11, /17