Chapter 5 Authentication and Basic Cryptography

Transcription

1 Chapter 5 Authentication and Basic Cryptography Resource from : Chapter 8 & 11 Authentication Security+ Guide to Network Security Fundamentals, Third Edition 1 Dr.Sukchatri PRASOMSUK School of Information Technology and Communication, University of Phayao Slide 2 Define authentication Authentication credentials Authentication models Authentication servers Extended authentication protocols Virtual Private Network (VPN) 1

2 Slide 3 Slow guessing and botnets conceal the attacks Countermeasures การตอบโต Strong password policy, restricting access to server by source IP, two-factor authentication Link Ch 8a Definition of Authentication 4 2

3 Slide 5 Authentication can be defined in two contexts The first is viewing authentication as it relates to access control The second is to look at it as one of the three key elements of security: Authentication การร บรอง Authorization การอน ญาต Accounting การบ ญช Slide 6 Access control is the process by which resources or services are granted or denied Identification The presentation of credentials or identification Authentication The verification of the credentials to ensure that they are genuine and not fabricated (ประด ษฐ ) Authorization Granting permission for admittance Access is the right to use specific resources 3

4 Slide 7 Authentication in AAA provides a way of identifying a user Typically with a password Authorization determines whether the user has the authority to carry out certain tasks The process of enforcing policies Accounting measures the resources a user consumes during each network session Slide 8 To find evidence of problems For billing For planning AAA servers Servers dedicated to performing AAA functions Can provide significant advantages in a network 4

5 Authentication Credentials (การร บรองต วตน) 9 Slide 10 Credentials are something you have, something you are, or something you know Types of authentication credentials Passwords One-time passwords Standard biometrics Behavioral biometrics Cognitive biometrics 5

6 Slide 11 Standard passwords are typically static in nature One-time passwords (OTP) Dynamic passwords that change frequently Systems using OTPs generate a unique password on demand that is not reusable The most common type is a time-synchronized OTP Used in conjunction with a token The token and a corresponding authentication server share the same algorithm Each algorithm is different for each user s token Slide 12 6

7 Slide 13 Slide 14 Authentication server displays a challenge (a random number) to the user User then enters the challenge number into the token Which then executes a special algorithm to generate a password Because the authentication server has this same algorithm, it can also generate the password and compare it against that entered by the user 7

8 Slide 15 Uses a person s unique characteristics for authentication (what he is) Examples: fingerprints, faces, hands, irises, retinas Types of fingerprint scanners Static fingerprint scanner Dynamic fingerprint scanner (more secure) Disadvantages Costs Readers are not always foolproof How can you change your password it it's your fingerprint? Slide 16 8

9 Slide 17 Authenticates by normal actions that the user performs Keystroke dynamics Attempt to recognize a user s unique typing rhythm Keystroke dynamics uses two unique typing variables Dwell time อาศ ยเวลา Flight time เวลาเท ยวบ น Slide 18 9

10 Slide 19 Slide 20 Voice recognition Uses unique characteristics of a person s voice Phonetic cadence Speaking two words together in a way that one word bleeds into the next word Becomes part of each user s speech pattern Computer footprint When and from where a user normally accesses a system 10

11 Slide 21 A simple form of two-factor authentication Required by the US now Links Ch 8b, c, d Slide 22 Related to the perception, thought process, and understanding of the user Easier for the user to remember because it is based on the user s life experiences One example of cognitive biometrics is based on a life experience that the user remembers Another example of cognitive biometrics requires the user to identify specific faces 11

12 Slide 23 Authentication Models 24 12

13 Slide 25 One-factor authentication Using only one authentication credential, such as a password Two-factor authentication Enhances security, particularly if different types of authentication methods are used (password and token) Three-factor authentication Requires that a user present three different types of authentication credentials Slide 26 Identity management Using a single authenticated ID to be shared across multiple networks Federated identity management (FIM) When those networks are owned by different organizations One application of FIM is called single signon (SSO) Using one authentication to access multiple accounts or applications 13

14 Slide 27 Originally introduced in 1999 as.net Passport When the user wants to log into a Web site that supports Windows Live ID The user will first be redirected to the nearest authentication server Once authenticated, the user is given an encrypted time-limited global cookie Never became widely used Slide 28 New Windows feature Users control digital identities with digital ID cards Types of cards Managed cards Personal cards 14

15 Slide 29 A decentralized open source FIM Does not require specific software to be installed on the desktop An OpenID identity is only a URL backed up by a username and password OpenID provides a means to prove that the user owns that specific URL Not very secure--dependent on DNS Authentication Servers 30 15

16 Slide 31 Authentication can be provided on a network by a dedicated AAA or authentication server The most common type of authentication and AAA servers are RADIUS Kerberos TACACS+ Generic servers built on the Lightweight Directory Access Protocol (LDAP) Slide 32 Developed in 1992 The industry standard with widespread support Suitable for what are called high-volume service control applications With the development of IEEE 802.1x port security for both wired and wireless LANs RADIUS has recently seen even greater usage 16

17 Slide 33 A RADIUS client is typically a device such as a dial-up server or wireless access point (AP) Responsible for sending user credentials and connection parameters in the form of a RADIUS message to a RADIUS server The RADIUS server authenticates and authorizes the RADIUS client request Sends back a RADIUS message response RADIUS clients also send RADIUS accounting messages to RADIUS servers Slide 34 17

18 Slide 35 An authentication system developed by the Massachusetts Institute of Technology (MIT) Used to verify the identity of networked users Kerberos authentication server issues a ticket to the user The user presents this ticket to the network for a service The service then examines the ticket to verify the identity of the user Slide 36 Developed by Cisco to replace RADIUS More secure and reliable than RADIUS The centralized server can either be a TACACS+ database Or a database such as a Linux or UNIX password file with TACACS protocol support 18

19 Slide 37 Directory service A database stored on the network itself that contains information about users and network devices Can be used with RADIUS X.500 A standard for directory services Created by ISO White-pages service Capability to look up information by name Yellow-pages service Browse and search for information by category Slide 38 The information is held in a directory information base (DIB) Entries in the DIB are arranged in a tree structure called the directory information tree (DIT) Directory Access Protocol (DAP) Protocol for a client application to access an X.500 directory DAP is too large to run on a personal computer 19

20 Slide 39 Lightweight Directory Access Protocol (LDAP) Sometimes called X.500 Lite A simpler subset of DAP Primary differences LDAP was designed to run over TCP/IP LDAP has simpler functions LDAP encodes its protocol elements in a less complex way than X.500 LDAP is an open protocol Extended Authentication Protocols (EAP) 40 20

21 Slide 41 In IEEE 802.1x, EAP is the "envelope" that carries data used for authentication Three EAP protocol categories: Authentication legacy protocols EAP weak protocols EAP strong protocols Slide 42 21

22 Slide 43 No longer extensively used for authentication Password Authentication Protocol (PAP) Sends passwords in the clear Challenge-Handshake Authentication Protocol (CHAP) Safer than PAP, but vulnerable (link Ch 8g) Microsoft Challenge-Handshake Authentication Protocol (MS-CHAP) Slide 44 Still used but have security vulnerabilities Extended Authentication Protocol MD5 (EAP-MD5) Vulnerable to offline dictionary attacks Lightweight EAP (LEAP) Also vulnerable to offline dictionary attacks Can be cracked faster than WEP Link Ch 8h 22

23 Slide 45 EAP with Transport Layer Security (EAP-TLS) Uses certificates for both client and server Used in large Windows networks EAP with Tunneled TLS (EAP-TTLS) and Protected EAP (PEAP) No client-side certificate Easier to implement than EAP-TLS Remote Authentication and Security 46 23

24 Slide 47 Important to maintain strong security for remote communications Transmissions are routed through networks or devices that the organization does not manage and secure Managing remote authentication and security usually includes: Using remote access services Installing a virtual private network Maintaining a consistent remote access policy Slide 48 Any combination of hardware and software that enables access to remote users to a local internal network Provides remote users with the same access and functionality as local users 24

25 Slide 49 One of the most common types of RAS Uses an unsecured public network, such as the Internet, as if it were a secure private network Encrypts all data that is transmitted between the remote device and the network Common types of VPNs Remote-access VPN or virtual private dial-up network (VPDN) Site-to-site VPN Slide 50 25

26 Slide 51 VPN transmissions are achieved through communicating with endpoints Endpoint End of the tunnel between VPN devices VPN concentrator Aggregates hundreds or thousands of multiple connections Depending upon the type of endpoint that is being used, client software may be required on the devices that are connecting to the VPN Slide 52 VPNs can be software-based or hardwarebased Software-based VPNs offer the most flexibility in how network traffic is managed Hardware-based VPNs generally tunnel all traffic they handle regardless of the protocol Generally, software based VPNs do not have as good performance or security as a hardwarebased VPN 26

27 Slide 53 Cost savings (no long-distance phone call) Scalability (easy to add more users) Full protection (all traffic is encrypted) Speed (faster than direct dial-up) Transparency (invisible to the user) Authentication (only authorized users can connect) Industry standards Slide 54 Management Availability and performance Interoperability Additional protocols Performance impact Expense 27

28 Slide 55 Establishing strong remote access policies is important Some recommendations for remote access policies: Remote access policies should be consistent for all users Remote access should be the responsibility of the IT department Form a working group and create a standard that all departments will agree to Basic Cryptography 56 28

29 Slide 57 Define cryptography Describe hashing List the basic symmetric cryptographic algorithms Describe how asymmetric cryptography works List types of file and file system cryptography Explain how whole disk encryption works Slide 58 Cryptography - scrambles data The science of transforming information into an unintelligible form while it is being transmitted or stored so that unauthorized users cannot access it Steganography - hides data Hides the existence of the data What appears to be a harmless image can contain hidden data embedded within the image Can use image files, audio files, or even video files to contain hidden information 29

30 Slide 59 Slide 60 Used by Julius Caesar Caesar shifted each letter of his messages to his generals three places down in the alphabet So BURN THE BRIDGE becomes EXUQ WKH EUKFIG A D B E C F D G E H F I G J H K 30

31 Slide 61 Encryption Changing the original text to a secret message using cryptography Decryption Change the secret message back to its original form Slide 62 31

32 Slide 63 Cryptography can provide: Confidentiality of information Integrity of the information Availability of the data To users with the key Guarantee Authenticity of the sender Enforce Non-repudiation Sender cannot deny sending the message Slide 64 32

33 Cryptographic Algorithms 65 Slide 66 There are three categories of cryptographic algorithms: Hashing algorithms Symmetric encryption algorithms Asymmetric encryption algorithms 33

34 Hashing Algorithms 67 Slide 68 Hashing is a one-way process Converting a hash back to the original data is difficult or impossible A hash is a unique signature for a set of data This signature, called a hash or digest, represents the contents Hashing is used only for integrity to ensure that: Information is in its original form No unauthorized person or malicious software has altered the data Common hash algorithms MD5, SHA-1 34

35 Slide 69 Slide 70 Link Ch 11a 35

36 Slide 71 A hashing algorithm is considered secure if: The ciphertext hash is a fixed size Two different sets of data cannot produce the same hash, which is known as a collision It should be impossible to produce a data set that has a desired or predefined hash The resulting hash ciphertext cannot be reversed to find the original data Slide 72 36

37 Slide 73 Hash values are often posted on Internet sites In order to verify the file integrity of files that can be downloaded Slide 74 37

38 Slide 75 Message Digest (MD) algorithm One common hash algorithm Three versions Message Digest 2 (MD2) Message Digest 4 (MD4) Message Digest 5 (MD5) Suffer from collisions Not secure See links Ch 11b, c, d Slide 76 More secure than MD A family of hashes SHA-1 Patterned after MD4, but creates a hash that is 160 bits in length instead of 128 bits SHA-2 Comprised of four variations, known as SHA- 224, SHA-256, SHA-384, and SHA-512 Considered to be a secure hash 38

39 Slide 77 Link Ch 11d Slide 78 A relatively recent cryptographic hash function Has received international recognition and adoption by standards organizations Creates a hash of 512 bits 39

40 Slide 79 Another use for hashes is in storing passwords When a password for an account is created, the password is hashed and stored The Microsoft NT family of Windows operating systems hashes passwords in two different forms LM (LAN Manager) hash NTLM (New Technology LAN Manager) hash Most Linux systems use password-hashing algorithms such as MD5 Apple Mac OS X uses SHA-1 hashes Symmetric Cryptographic Algorithms 80 40

41 Slide 81 Symmetric cryptographic algorithms Use the same single key to encrypt and decrypt a message Also called private key cryptography Stream cipher Takes one character and replaces it with one character WEP (Wired Equivalent Protocol) is a stream cipher Substitution cipher The simplest type of stream cipher Simply substitutes one letter or character for another Slide 82 41

42 Slide 83 Slide 84 With most symmetric ciphers, the final step is to combine the cipher stream with the plaintext to create the ciphertext The process is accomplished through the exclusive OR (XOR) binary logic operation One-time pad (OTP) Combines a truly random key with the plaintext 42

43 Slide 85 Slide 86 Manipulates an entire block of plaintext at one time Plaintext message is divided into separate blocks of 8 to 16 bytes And then each block is encrypted independently Stream cipher advantages and disadvantages Fast when the plaintext is short More prone to attack because the engine that generates the stream does not vary Block ciphers are more secure than stream ciphers 43

44 Slide 87 Slide 88 Data Encryption Standard (DES) Declared as a standard by the U.S Government DES is a block cipher and encrypts data in 64-bit blocks Uses 56-bit key, very insecure Has been broken many times Triple Data Encryption Standard (3DES) Uses three rounds of DES encryption Effective key length 112 bits Considered secure 44

45 Slide 89 Slide 90 Approved by the NIST in late 2000 as a replacement for DES Official standard for U.S. Government Considered secure--has not been cracked 45

46 Slide 91 Link Ch 11e Slide 92 Several other symmetric cryptographic algorithms are also used: Rivest Cipher (RC) family from RC1 to RC6 International Data Encryption Algorithm (IDEA) Blowfish Twofish 46

47 Asymmetric Cryptographic Algorithms 93 Slide 94 Asymmetric cryptographic algorithms Also known as public key cryptography Uses two keys instead of one The public key is known to everyone and can be freely distributed The private key is known only to the recipient of the message Asymmetric cryptography can also be used to create a digital signature 47

48 Slide 95 Slide 96 A digital signature can: Verify the sender Prove the integrity of the message Prevent the sender from disowning the message (non-repudiation) A digital signature does not encrypt the message, it only signs it 48

49 Slide 97 Slide 98 49

50 Slide 99 The most common asymmetric cryptography algorithm RSA makes the public and private keys by multiplying two large prime numbers p and q To compute their product (n=pq) It is very difficult to factor the number n to find p and q Finding the private key from the public key would require a factoring operation RSA is complex and slow, but secure 100 times slower than DES Slide 100 A key exchange algorithm, not an encryption algorithm Allows two users to share a secret key securely over a public network Once the key has been shared Then both parties can use it to encrypt and decrypt messages using symmetric cryptography 50

51 Slide 101 Secure Web Pages typically use RSA, Diffie- Hellman, and a symmetric algorithm like RC4 RSA is used to send the private key for the symmetric encryption Slide

52 Slide 103 Slide 104 An elliptic curve is a function drawn on an X-Y axis as a gently curved line By adding the values of two points on the curve, you can arrive at a third point on the curve The public aspect of an elliptic curve cryptosystem is that users share an elliptic curve and one point on the curve Not common, but may one day replace RSA 52

53 Using Cryptography on Files and Disks 105 Slide 106 Pretty Good Privacy (PGP) One of the most widely used asymmetric cryptography system for files and messages on Windows systems GNU Privacy Guard (GPG) A similar open-source program PGP and GPG use both asymmetric and symmetric cryptography 53

54 Slide 107 Part of Windows Uses the Windows NTFS file system Because EFS is tightly integrated with the file system, file encryption and decryption are transparent to the user EFS encrypts the data as it is written to disk On Macs, Filevault encrypts a user's home folder Slide 108 Windows BitLocker A hardware-enabled data encryption feature Can encrypt the entire Windows volume Includes Windows system files as well as all user files Encrypts the entire system volume, including the Windows Registry and any temporary files that might hold confidential information TrueCrypt Open-source, free, and can encrypt folders or files 54

55 Slide 109 A chip on the motherboard of the computer that provides cryptographic services If the computer does not support hardwarebased TPM then the encryption keys for securing the data on the hard drive can be stored by BitLocker on a USB flash drive Slide 110 Can defeat all currently available whole disk encryption techniques (link Ch 11i) 55

56 Slide