Network Encryption. Dr. Michael Ritter. September 18 th, 2015

Transcription

1 Network Encryption Dr. Michael Ritter September 18 th, 2015

2 What the heck is Elliptic Curve Diffie-Hellman? Dr. Michael Ritter September 18 th, 2015

3 ADVA Optical Networking at a Glance Value-added connectivity solutions for applications of tomorrow 3

4 Organized Crime Turning to Cyberspace No longer dominated by hackers accessing computer systems just for fun Criminal-to-Criminal models to create crimeware tools Crime-as-a-Service business models Financial gain ranges from tens of thousands to tens of millions of dollars Transforming into a global, fast-expanding and profit-driven industry 4

5 Ways to Secure Private Data Physical Security Logical Security Data Encryption Toolkit for implementing a tiered data security strategy 5

6 Data Security Made Easy 6

7 Cryptography Applied Encryption Algorithm Encryption Key Generating cipher text Specifying the transformation Key Exchange Method Authentication Distributing keys securely Confirming identity of a party More than encoding and decoding private information 7

8 Historical Ciphers Pen and Paper Caesar Cipher Electromechanical Machines Enigma 8

9 Modern Ciphers AES Rijndael [rain-dahl] RSA Rivest, Shamir and Adleman Substitution & Permutation Cycles Encryption c m e (mod n) [ b 0 b 1 b 2 b 3 ] = [ 1&0& 1 0 & 1 1 & 1&0 1&1 ] [ b 0 b 1 b 2 Decryption m c d (mod n) 9

10 RSA Key Generation 1. Choose two distinct prime numbers p and q 2. Compute the modulus n=pq 3. Compute Euler s totient function φ(n) = (p 1)(q 1) 4. Choose an integer e as the public key such that 1<e< φ(n) and e and φ(n) are coprime 5. Determine the private key e d 1 (mod φ(n)) 10

11 RSA Key Generation Example 1. Choose two distinct prime numbers p= 61 and q= Compute the modulus n=pq= Compute Euler s totient function φ(n) = (p 1)(q 1)= Choose an integer e=17 as the public key such that 1<e< φ(n) and e and φ(n) are coprime 5. Determine the private key e d 1 (mod φ(n)) d =

12 Resulting RSA Functions Encryption function c(m)= m 17 (mod 3233) Decryption function m(c)= c 2753 (mod 3223) Example m=65 c= (mod 3233)=2790 m= (mod 3223)=65 12

13 Diffie-Hellman Key Exchange Eve Alice Bob 13 Alice and Bob agree to use a prime number p and a base g Alice chooses a secret integer a and sends Bob A = g a mod p Bob chooses a secret integer b and sends Alice B = g b mod p Alice computes s = B a mod p Bob computes s = A b mod p Alice and Bob now share the same secret s

14 Man In-the-Middle Attack Eve Alice Bob Eve may establish two distinct key exchanges, one with Alice and the other with Bob Effectively masquerading as Alice to Bob, and vice versa Method to authenticate the communicating parties to each other is needed to prevent this type of attack 14

15 Authentication of Identity Certificate Authority (CA) Certificate Database X.509 Certificate X.509 Certificate Alice Bob 15

16 Options for Data Loss Prevention Data at Rest Proactive and corrective Pushed to data owners who become policing cloud Keys must exist as long as data Distributed processing Data in Motion Preventative Centralized administration prevents accidental transmission Session keys only High application performance Both are essential components of a modern security environment 16

17 Securing Data in Motion Application, Presentation, Session Layer Data Encryption Options 4 Transport Layer TCP, UDP Segments TLS, SSH OSI Layer 3 Network Layer IP/MPLS Packets IPSec 2 Data Link MAC Frames MACsec 1 Physical PHY Bits In-flight Encryption 17

18 ConnectGuard Latency Figures Wavelength Division Multiplexing Depends on FEC mode enabled Additional latency < 150nsec Carrier Ethernet Depends on how buffers and shapers are configured Additional latency < 5µsec IPsec In the msec range depending on hardware acceleration Ultra-fast Fast Slow 18

19 Top 5 Network Encryption Myths 19

20 Myth #1 Transport Networks Are Secure 20

21 Tapping Fiber-Optic Cables is Reality GCHQ was able to boast a larger collection of data than the US, tapping in to 200 fiber-optic cables to give it the ability to monitor up to 600 million communications every day the GCHQ operation codenamed Tempora has been running for 18 months UK Government Communications Headquarter GCHQ information from Internet and phone use was stored for up to 30 days to be sifted and analyzed 21

22 Spying Together for Success commercial consortium personnel had apparently discovered the program Wharpdrive, for which SSO had tapped a fiber-optic cable all signs indicate that the agency had help from Germany's Bundesnachrichtendienst (BND), it isn't clear from the document exactly where the BND and NSA accessed the fiber-optic cable nor is there any indication of the operation's target 22

23 Thousand Ways to Hack a Packet Network British spies hacked into the routers and networks of a Belgian telecommunications company the primary aim [ ] was to compromise the GRX router system that BICS controlled involves placing high-speed servers at key Internet switching points to conduct a man-in-themiddle attack when a target tries to surf the web 23

24 Myth #2 IPsec Is Sufficient for Network Encryption 24

25 IPsec Challenges Technical Aspects Latency Delay is measured in msec instead of µsec Efficiency Up to 50% additional bandwidth overhead Scalability No wire-speed performance up to 100Gbps Speed Slower connection establishment Compatibility Traditional IPsec can not pass through NAT Complexity Issues scale linearly with links and endpoints 25

26 Myth #3 Elliptic Curve Cryptography Is More Secure 26

27 Asymmetric Encryption Based on the assumption that there are mathematical problems, which are easy to calculate in one direction, but difficult in the other RSA assumes that it is difficult to factor a large integer composed of two or more large prime factors Factorize 13,717,421 Calculate 3,607 * 3,803 27

28 Theory of Elliptic Curve Cryptography Finding the discrete logarithm of a random elliptic curve element with respect to a publicly known base point is infeasible Primary benefit is a smaller key size, reducing storage and transmission requirements Security Level Comparison Example Curve RSA ECC 1, , ,

29 Myth #4 Post-Quantum Security Is Needed Today 29

30 The Future: Post-Quantum Cryptography Quantum computers make direct use of quantum-mechanical phenomena Will be able to solve certain problems much more quickly than any classical computers Examples are search in extremely large data bases and integer factorization of extremely large numbers Post-quantum cryptography refers to algorithms that are thought to be secure against an attack by a quantum computer Development of actual quantum computers is still in its infancy 30

31 Quantum Key Distribution: Unhackable Quantum mechanics has proven that the act of observing something changes its state in a non-reversible way 31

32 World s First QKD + 100Gbps Field Trial 32

33 Myth #5 Crypto Terminology is Cryptic 33

34 Understanding the Basics Is Sufficient There are many complex buzzwords and acronyms to describe encryption and key management ConnectGuard technology eliminates the need for detailed technical knowledge and can be easily deployed to protect confidential information There is no need to be a PKI guru with ConnectGuard, the only choices needed to make are simple policy decisions 34

35 Securing Our Family Relationship My emotions are encrypted to protect the security of our marriage. 35

36 Thank You IMPORTANT NOTICE The content of this presentation is strictly confidential. ADVA Optical Networking is the exclusive owner or licensee of the content, material, and information in this presentation. Any reproduction, publication or reprint, in whole or in part, is strictly prohibited. The information in this presentation may not be accurate, complete or up to date, and is provided without warranties or representations of any kind, either express or implied. ADVA Optical Networking shall not be responsible for and disclaims any liability for any loss or damages, including without limitation, direct, indirect, incidental, consequential and special damages, alleged to have been caused by or in connection with using and/or relying on the information contained in this presentation. Copyright for the entire content of this presentation: ADVA Optical Networking.