Figure 13.1 ASN.1: abstract and transfer/concrete syntax relationship.

Transcription

1 Figure 3. ASN.: abstract and transfer/concrete syntax relationship. Host AP Data in an agreed abstract syntax (e.g. type character, integer etc.) Data in an agreed transfer/concrete syntax (e.g. type, length, value) Host AP TCP/UDP IP IP network/internet TCP/UDP IP

2 Figure 3.2 ASN. compiler function. Application data type definitions in ASN. Data type definitions in language X Encoding and decoding procedures for each data type in language X

3 Figure 3.3 Some example ASN. type definitions: (a) simple types; (b) constructed type; (c) tagging; (d) implicit typing. (a) married yrswithcompany accessrights PDUContents name pi workday :: BOOLEAN -- true or false :: INTEGER :: BITSTRING{read(0), write()} :: OCTETSTRING :: IA5String :: REAL -- mantissa, base, exponent :: ENUMERATED{monday(0), tuesday()... friday(4)} (b) (c) (d) personnelrecord c.f. personnelrecord personnelrecord personnelrecord :: SEQUENCE{ empnumber INTEGER, name IA5String, yrswithcompany INTEGER married BOOLEAN} :: record empnumber integer; name array [..20] of char; yrswithcompany integer; married boolean :: end; :: SEQUENCE{ empnumber [APPLICATION] INTEGER, name [] IA5String, yrswithcompany [2] INTEGER, married [3] BOOLEAN} :: SEQUENCE{ empnumber [APPLICATION] INTEGER, name [] IMPLICIT IA5String, yrswithcompany [2] IMPLICIT INTEGER, married [3] IMPLICIT BOOLEAN}

4 Figure 3.4 ASN. PDU definition example. ISO857-FTAM DEFINITIONS :: BEGIN PDU :: CHOICE { PDU :: CHOICE {InitializePDU, PDU :: CHOICE {FilePDU, PDU :: CHOICE {BulkdataPDU PDU :: CHOICE } InitializePDU :: CHOICE { [APPLICATION ] [] [2] [3] [4] [5] InitializePDU :: CHOICE } IMPLICIT FINITIALIZErequest, IMPLICIT FINITIALIZEresponse, IMPLICIT FTERMINATErequest, IMPLICIT FTERMINATEresponse, IMPLICIT FUABORTrequest, IMPLICIT FPABORTresponse FINITIALIZErequest :: SEQUENCE { protocolid [0] INTEGER { isoftam (0) }, versionnumber [] IMPLICIT versionnumber [] SEQUENCE { major INTEGER, versionnumber [] SEQUENCE { minor INTEGER}, initially { major 0, minor 0} servicetype [2] INTEGER { reliable (0), servicetype [2] INTEGER {user correctable ()} serviceclass [3] INTEGER { transfer (0), serviceclass [3] INTEGER {access (), serviceclass [3] INTEGER {management (2)} functionalunits [4] BITSTRING { read (0), write (), fileaccess (2), limitedfilemanagement (3), enhancedfilemanagement (4), grouping (5), recovery (6), restartdatatransfer (7) } attributegroups [5] BITSTRING { storage (0), security () } rollbackavailability [6] BOOLEAN DEFAULT FALSE, presentationcontextname [7] IMPLICIT ISO646String { ISO8822 }, identifyoflnitiator [8] ISO646String OPTIONAL, currentaccount [9] ISO646String OPTIONAL, filestorepassword [0] OCTETSTRING OPTIONAL, checkpointwindow [] INTEGER OPTIONAL } FINITIALIZEresponse :: SEQUENCE { END

5 Figure 3.5 ASN. encoding: identifier bit definitions. Bit Tag: 0 30 Boolean type 2 Integer type 3 Bitstring type 4 Octetstring type 5 Null type 9 Real type 0 Enumerated type 6 Sequence and sequenceof types 7 Set and setof types 8 22, 25 Alternative character set string types (IA5/ISO 646, etc.) Time types >30 All five tag bits set to and a second octet used Type: 0 Primitive Constructed Class: 00 Universal 0 Application 0 Context specific Private Note: The null type is used to indicate the absence of an element in a sequence. The two time types are used to specify time in a standardized way as a string of IA5/ISO 646 characters. For example: YY MM DD hh mm ss current time

6 Figure 3.6 ASN. encoding examples: (a) primitive types; (b) constructed type; (c) use of implicit tag. (a) BOOLEAN UNIVERSAL e.g., Employed :: BOOLEAN assume true Identifier 0 (Hex) Length 0 Contents FF Universal i.e., 0 0 FF INTEGER UNIVERSAL 2 e.g., RetxCount :: INTEGER assume 29 (decimal) Identifier 02 Length 0 Contents D Universal 2 29 decimal i.e., 02 0 D BITSTRING UNIVERSAL 3 e.g., FunctionalUnits :: BITSTRING {read (0), write (), fileaccess (2)} assume read only is required Identifier Length 0 Contents 80 read only i.e., 0 80 UTCTime UNIVERSAL 23 e.g., UTCTime :: [UNIVERSAL 23] IMPLICIT ISO646String assume 2.58 p.m. on 5th November Identifier 7 (Hex) Length 0A Contents Universal 23 i.e., 7 0A

7 Figure 3.6 Continued (b) SEQUENCE/SEQUENCEOF UNIVERSAL 6 e.g., File :: SEQUENCE {username IA5String, contents OCTETSTRING} assume username FRED and contents 0F 27 E4 Hex Identifier 30 (Hex) Length 0B Contents Identifier 6 Contents Length 04 Contents Contents Contents Identifier 04 Contents Length Contents Contents 0F 27 E4 Constructed, Universal 6 Decimal Universal 22 Universal 4 i.e., 30 0B F 27 E4 (c) Tagging/IMPLICIT e.g., UserName :: SET {surname [0] IMPLICIT ISO646String, password [] ISO646String } assume surname BULL and password KING Identifier 3 Length 0E Contents Identifier 80 Contents Length 04 Contents Contents C 4C Contents Identifier A Contents Length 06 Contents Contents Identifier 6 Contents Contents Length 04 Contents Contents Contents 4B 49 4E 47 Constructed, Universal 7 Decimal 4 Context-specific 0 surname Context-specific password Universal 22 i.e., 3 0E C 4C A B 49 4E 47

8 Figure 3.7 Example PDU encoding: (a) PDU fields and their contents; (b) encoded form. (a) FINITIALIZErequest { protocolid 0, versionnumber {major 0, minor 0} servicetype, serviceclass, functionalunits {read 0, write, fileaccess 2, functionalunits {limitedfilemanagement 3 functionalunits {enhancedfilemanagement 4, functionalunits {grouping 5, recovery 6, functionalunits {restartdatatransfer 7 } attributegroups {storage 0, security } rollbackavailability T, PresentationContextName ISO8822 }

9 Figure 3.7 Continued (b) Identifier Length Contents 6 3 Identifier Length Contents Identifier Length Contents A0 Identifier Length Contents A 06 Identifier Length Contents Identifier Length Contents Identifier Length Contents Identifier Length Contents Identifier Length Contents Identifier Length Contents Identifier Length Contents Identifier Length Contents Universal major 02 Universal minor A2 Identifier 02 Length 0 Contents 0 A3 Identifier 02 Length 0 Contents 0 A4 Identifier Length 0 Contents E0 A5 Identifier Length 0 Contents 40 A6 Identifier 0 Length 0 Contents FF A F Application-specific FINITIALIZErequest decimal 49 Context-specific 0 protocolid Universal 2 INTEGER isoftam Context-specific versionnumber servicetype user correctable serviceclass access Context-specific 4 functionalunits Universal 3 BITSTRING read, write, fileaccess Context-specific 5 attributegroups security Context-specific 6 rollbackavailability Universal BOOLEAN true Context-specific 7 PresentationContextName ISO8822 Concrete syntax of the above PDU is thus: F 02 0 A A6 02 A A 0 FF 06 0 A7 02 A E A5 38 A2 32

10 Figure 3.8 Data encryption terminology. Plaintext, P Plaintext, P Encryption key, E K Decryption key, D K Listening/ eavesdropping Masquerading Ciphertext C E K (P)

11 Figure 3.9 Product cipher components: (a) P-box examples; (b) S-box example. P-box (a) (i) straight (key ) (ii) expanded (key ) (iii) compressed (choice) (key 57283) Key (b) S-box A 0 0 B 0 0 A B P-box A B A 0 0 B 0 0 key

12 Figure 3.0 Example of a product cipher.

13 Figure 3. DES algorithm principles: (a) overall schematic; (b) substitution schematic; (c) substitution operation. (a) 64-bit plaintext 56-bit key subkeys each of 48 bits 64-bit ciphertext (b) 64-bit output from previous stage Subkey for this stage 64-bit output to next stage

14 Figure 3. Continued. (c) 64-bit output from previous stage, x + K x 64-bit output to next stage, x

15 Figure 3.2 Triple DES schematic. Key K, K 2 K K 2 K 64-bit plaintext DES DES DES 64-bit ciphertext

16 Figure 3.3 DES operational modes: (a) electronic code book (ECB); (b) chain block cipher (CBC); (c) cipher feedback mode (CFM).

17 Figure 3.3 Continued.

18 Figure 3.4 IDEA: (a) encryption schematic; (b) single iteration detail. (a) 64-bit plaintext Iteration K K 6 Iteration 2 K 7 K 2 Key generator 28-bit key Iteration 8 K 43 K 48 Transformation K 49 K bit ciphertext (b) 64-bit input K + + K 4 K 2 K K 5 + K bit output multiplier 6 6 adder 6 6 exclusive OR

19 Figure 3.5 RSA schematic. Source, S Receiver, R R s public key R p R s secret key R s Plaintext, P Plaintext, P R s (R p (P)) Ciphertext R p (P)

20 Figure 3.6 Nonrepudiation using RSA: (a) on complete message; (b) on message digest. (a) Plaintext, P S s (P) Ciphertext R p (S s (P)) R s (R p (S s (P))) Plaintext S p (R s (R p (S s (P)))) S s secret key S s R s public key R p R s secret key R s S s public key S p Plaintext, P Plaintext, P Encryption level Nonrepudiation level (b) MD S s (MD) P, S s (MD) S s (MD) S p (S s (MD)) MD Plaintext, P P MD Plaintext, P Error

21 Figure 3.7 User authentication using a public key scheme. Client C p, C s Timer, T c S p (U, C p, t c ) () C p (U, t c, t s ) (2) S p (U, t s ) (3) Server S p, S s Timer, T s C p, C s client public/secret key U client user name S p, S s server public/secret key t c, t s client/server time-stamp

22 Figure 3.8 User authentication using Kerberos: (a) terminology and message exchange; (b) key and ticket definitions; (c) message contents. (a) Key distribution server Server computer Network (2) (3) (5) (6) (7) (8) () (4) Client workstation (b) K U K T K S K UT K US The private key of the user the user password The private key of the TGS The private key of the application server A session key to encrypt UA TGS dialog units A session key to encrypt UA S dialog units TGS ticket, T UT K T (U, T, t, t 2, K UT ) Application server ticket, T US K S (U, S, t, t 2, K US ) t, t 2 start, end of ticket lifetime (c) Direction Message () (2) (3) (4) (5) (6) (7) (8) U UA AS U UA TGS UA S UA AS UA UA TGS UA S UA User name, U (U, T, n ) K U (K UT, n ); T UT User password, K U K UT (U, t); T UT, S, n 2 K UT (K US, n 2 ); T US K US (U, t); T US, n 3 K US (n 3 ) K UT /K US (U, t) are both authenticators and t is a time-stamp

23 Figure 3.9 A possible threat when using a public key system. P, S s (MD) MD S s S p MD P P MD Impersonator prepares a plaintext message with a sender's name that of the person he/she is impersonating S p Impersonator sends public key, S p, in an and gives the name of the sender of the as that in the plaintext message Recipient uses the public key of the impersonator to decrypt the message and assumes it has been sent by the person whose name is in the plaintext message

24 Summary Figure 3.20 Summary of topics discussed in Chapter 3. Application support functions ASN. A standard abstract syntax A standard transfer syntax plus encoding and decoding procedures Network security Secrecy Integrity Authentication Nonrepudiation Data encryption Terminology Basic techniques Product ciphers Secret key Public key IDEA DES RSA Nonrepudiation Authentication Digital signature Message digest Public key Private key (Kerberos)