Introduction to Network Security Missouri S&T University CPE 5420 Application and Transport Layer Security

Similar documents
CSCE 715: Network Systems Security

CS 356 Internet Security Protocols. Fall 2013

The World Wide Web is widely used by businesses, government agencies, and many individuals. But the Internet and the Web are extremely vulnerable to

Transport Layer Security

Secure Socket Layer. Security Threat Classifications

Transport Level Security

CS 393 Network Security. Nasir Memon Polytechnic University Module 12 SSL

Chapter 4: Securing TCP connections

Cryptography and Network Security. Sixth Edition by William Stallings

Princess Nora Bint Abdulrahman University College of computer and information sciences Networks department Networks Security (NET 536)

Introduction to Network Security Missouri S&T University CPE 5420 Data Integrity Algorithms

MTAT Applied Cryptography

Different Layers Lecture 21

SSL/TLS CONT Lecture 9a

E-commerce security: SSL/TLS, SET and others. 4.1

Chapter 7. WEB Security. Dr. BHARGAVI H. GOSWAMI Department of Computer Science Christ University

Internet Security. - IPSec, SSL/TLS, SRTP - 29th. Oct Lee, Choongho

Overview. SSL Cryptography Overview CHAPTER 1

Protocols, Technologies and Standards Secure network protocols for the OSI stack P2.1 WLAN Security WPA, WPA2, IEEE i, IEEE 802.1X P2.

Security Protocols and Infrastructures. Winter Term 2010/2011

Protocol Architecture (2) Suguru Yamaguchi Nara Institute of Science and Technology Department of Information Science

Chapter 5. Transport Level Security

Cryptography and Network Security

Network Security: TLS/SSL. Tuomas Aura T Network security Aalto University, Nov-Dec 2014

Introduction to Network Security Missouri S&T University CPE 5420 Key Management and Distribution

Introduction to Network Security Missouri S&T University CPE 5420 Exam 2 Logistics

Security Engineering. Lecture 16 Network Security Fabio Massacci (with the courtesy of W. Stallings)

Transport Layer Security

Chapter 2 Application Layer. Lecture 4: principles of network applications. Computer Networking: A Top Down Approach

Lehrstuhl für Netzarchitekturen und Netzdienste Fakultät für Informatik Technische Universität München. ilab. Lab 8 SSL/TLS and IPSec

MTAT Applied Cryptography

Chapter 8 Web Security

ecure Sockets Layer, or SSL, is a generalpurpose protocol for sending encrypted

Cryptography and secure channel. May 17, Networks and Security. Thibault Debatty. Outline. Cryptography. Public-key encryption

Introduction to Network Security Missouri S&T University CPE 5420 Network Access Control

CS 3516: Advanced Computer Networks

Universität Hamburg. SSL & Company. Fachbereich Informatik SVS Sicherheit in Verteilten Systemen. Security in TCP/IP. UH, FB Inf, SVS, 18-Okt-04 2

Lecture 1: Introduction to Security Architecture. for. Open Systems Interconnection

COMPUTER SECURITY. Computer Security Secure Communication Channels (2)

PROGRAMMING Kyriacou E. Frederick University Cyprus. Network communication examples

TRANSPORT-LEVEL SECURITY

TLS connection management & application support. Giuseppe Bianchi

Security Protocols and Infrastructures. Winter Term 2015/2016

Acronyms. International Organization for Standardization International Telecommunication Union ITU Telecommunication Standardization Sector

IPsec and SSL/TLS. Applied Cryptography. Andreas Hülsing (Slides mostly by Ruben Niederhagen) Dec. 1st, /43

HP Instant Support Enterprise Edition (ISEE) Security overview

Internet and Intranet Protocols and Applications

Lecture 9a: Secure Sockets Layer (SSL) March, 2004

Network Security: TLS/SSL. Tuomas Aura T Network security Aalto University, Nov-Dec 2010

Internet security and privacy

Cryptography SSL/TLS. Network Security Workshop. 3-5 October 2017 Port Moresby, Papua New Guinea

Layered Model. DoD Model. ISO/OSI Model

INF3510 Information Security University of Oslo Spring Lecture 9 Communication Security. Audun Jøsang

Transport Layer Security

Objectives CINS/F1-01

Networking. Layered Model. DoD Model. Application Layer. ISO/OSI Model

Summary of PGP Services

Securing IoT applications with Mbed TLS Hannes Tschofenig Arm Limited

WAP Security. Helsinki University of Technology S Security of Communication Protocols

Introduction to the Application Layer. Computer Networks Term B14

Cryptography (Overview)

Review of Previous Lecture

Computer Networking. Chapter #1. Dr. Abdulrhaman Alameer

Security Protocols. Professor Patrick McDaniel CSE545 - Advanced Network Security Spring CSE545 - Advanced Network Security - Professor McDaniel

Security Protocols and Infrastructures

The OSI Model. Open Systems Interconnection (OSI). Developed by the International Organization for Standardization (ISO).

APPLICATION LAYER APPLICATION LAYER : DNS, HTTP, , SMTP, Telnet, FTP, Security-PGP-SSH.

Telemetry Data Sharing Using S/MIME

FTP. FTP offers many facilities :

Presented by: Ahmed Atef Elnaggar Supervisor: Prof. Shawkat K.Guirguis

Chapter 2: Application Layer. Chapter 2 Application Layer. Some network apps. Application architectures. Chapter 2: Application layer

Pretty Good Privacy (PGP

Chapter 12 Security Protocols of the Transport Layer

Chapter 2 Application Layer

Goal and A sample Network App

Information Security CS 526

Network Encryption Methods

Chapter 6: Security of higher layers. (network security)

Lecture: Transport Layer Security (secure Socket Layer)

Virtual Private Networks

Performance Implications of Security Protocols

8. Network Layer Contents

Lecture for February 10, 2016

CSCE 813 Internet Security Secure Services I

Protocol Layers, Security Sec: Application Layer: Sec 2.1 Prof Lina Battestilli Fall 2017

CMPE 150/L : Introduction to Computer Networks. Chen Qian Computer Engineering UCSC Baskin Engineering Lecture 4

APNIC elearning: Cryptography Basics

IPSec. Slides by Vitaly Shmatikov UT Austin. slide 1

Need For Protocol Architecture

Chapter 8. Network Security. Cryptography. Need for Security. An Introduction to Cryptography 10/7/2010

Chapter 2. Application Layer. Chapter 2: Application Layer. Application layer - Overview. Some network apps. Creating a network appication

CSEN 503 Introduction to Communication Networks. Mervat AbuElkheir Hana Medhat Ayman Dayf. ** Slides are attributed to J. F.

Introduction and Overview. Why CSCI 454/554?

Computer Networks 1 (Mạng Máy Tính 1) Lectured by: Dr. Phạm Trần Vũ

Total No. of Questions : 09 ] [ Total No.of Pages : 02

Chapter 1 Introduction

CS 3516: Advanced Computer Networks

TLS. RFC2246: The TLS Protocol. (c) A. Mariën -

Chapter 2 Application Layer

SEEM4540 Open Systems for E-Commerce Lecture 03 Internet Security

Transcription:

Introduction to Network Security Missouri S&T University CPE 5420 Application and Transport Layer Security Egemen K. Çetinkaya Department of Electrical & Computer Engineering Missouri University of Science and Technology cetinkayae@mst.edu http://web.mst.edu/~cetinkayae/teaching/cpe5420fall2016 7 October 2016 rev. 16.0 2014 2016 Egemen K. Çetinkaya

Background Security of Higher Layers Outline Transport layer security Application layer security 7 October 2016 MST CPE 5420 Application & Transport Layer Security 2

Background Security of Higher Layers Background Transport layer security Application layer security 7 October 2016 MST CPE 5420 Application & Transport Layer Security 3

Network Architecture and Topology The Network Collection nodes or intermediate systems (IS) switches, routers, bridges, etc. Interconnected by links that Provide connectivity among end systems (ES) or hosts or terminals desktops, laptops, servers, telephone handsets, etc. note: in some networks nodes may be both ES and IS 7 October 2016 MST CPE 5420 Application & Transport Layer Security 4

Network Architecture and Topology The Network multihomed wireless link End system Intermediate system edge or access switch core or backbone switch 7 October 2016 MST CPE 5420 Application & Transport Layer Security 5

Protocol Layering OSI Model ISO 7498: open systems interconnection protocol: rules for communication between entities 7 application application application 6 presentation data formatting 5 session dialogue management 4 transport end-to-end 3 network forwarding/routing 2 link hop-by-hop MAC medium access control 1 physical transmission 7 October 2016 MST CPE 5420 Application & Transport Layer Security 6

L7 L5 L4 L3 L2 L2 L1 Protocol Layering Hybrid Layer/Plane Cube data plane physical application transport network link management control plane session MAC p l a n e 7 October 2016 MST CPE 5420 Application & Transport Layer Security 7

Application Layer Background Motivation What is the ultimate purpose of networking? Egemen K. Çetinkaya 7 October 2016 MST CPE 5420 Application & Transport Layer Security 8

Application Layer Background Motivation To support distributed applications Egemen K. Çetinkaya 7 October 2016 MST CPE 5420 Application & Transport Layer Security 9

Application Layer Background Motivation Applications run on end systems Communicate over network Network core devices do not run user applications 7 October 2016 MST CPE 5420 Application & Transport Layer Security 10

Application Layer Background Example Applications What are some applications? Egemen K. Çetinkaya 7 October 2016 MST CPE 5420 Application & Transport Layer Security 11

E-mail Web Application Layer Background Example Applications Instant messaging Remote login P2P file sharing Multi-user network games Video conferencing Video streaming Social networks? layer 7 or higher? 7 October 2016 MST CPE 5420 Application & Transport Layer Security 12

Internet Protocols Important Application Layer Protocols Protocol Name Function/Use Status Ref HTTP FTP hypertext transfer protocol file transfer protocol Web browsing file and document transfer draft standard standard Telnet telnet remote login standard SMTP POP IMAP simple mail transfer protocol post office protocol internet message access protocol email relay and delivery server mail download server mail access NFS network file system remote access to files RTSP real-time streaming protocol control of multimedia streaming standard standard proposed standard proposed standard proposed standard RFC 2616 RFC 0959 STD 0009 RFC 0854 STD 0008 RFC 0821 STD 0010 RFC 1939 STD 0053 RFC 3501 RFC 3530 RFC 2326 7 October 2016 MST CPE 5420 Application & Transport Layer Security 13

Application Layer Background Application Characteristics Application types: how does utility vs. delay look? best effort interactive real-time deadline Application types dictate transport layer services delay throughput loss tolerance security 7 October 2016 MST CPE 5420 Application & Transport Layer Security 14

Network Architecture and Topology Application Relationships request client Client/server e.g. Web browsing response server data streams with embedded synchronisation Peer-to-peer e.g. telepresence (video-conferencing) 7 October 2016 MST CPE 5420 Application & Transport Layer Security 15

Background Security of Higher Layers Transport Layer Security Transport layer security Motivation and overview SSL TLS Application layer security 7 October 2016 MST CPE 5420 Application & Transport Layer Security 16

Background Security of Higher Layers Transport Layer Security Transport layer security Motivation and overview SSL TLS Application layer security 7 October 2016 MST CPE 5420 Application & Transport Layer Security 17

Transport Layer Background Motivation Ideal network characteristics: zero end-to-end delay unlimited end-to-end bandwidth no errors Reality is not ideal Need an end-to-end protocol to: handle delay control transmission rate perform error recovery 7 October 2016 MST CPE 5420 Application & Transport Layer Security 18

Transport Layer Background Services It provides logical communication between application processes running on different hosts Transport protocols run in end systems sender side: breaks app messages into segments passes to network layer (i.e. encapsulates) receiver side: reassembles segments into messages passes to application layer (i.e. decapsulates) 7 October 2016 MST CPE 5420 Application & Transport Layer Security 19

Transport Layer Background Services Draw logical connections? Egemen K. Çetinkaya 7 October 2016 MST CPE 5420 Application & Transport Layer Security 20

Transport Layer Background Layering Egemen K. Çetinkaya end system repeater / bridge router end system transport transport network network network link link link link Transport layer is end-to-end (E2E) 7 October 2016 MST CPE 5420 Application & Transport Layer Security 21

Transport Layer Background Services Egemen K. Çetinkaya What are the important transport layer protocols? 7 October 2016 MST CPE 5420 Application & Transport Layer Security 22

Internet Protocols Important Transport Protocols Protocol Name Function Status Ref TCP transmission control protocol reliable data transfer with congestion control standard RFC 0793 STD 0007 UDP user datagram protocol socket access to unreliable IP datagrams standard RFC 0768 STD 0006 RTP real-time protocol streaming media (typically over UDP) standards track RFC 1889 T/TCP TCP for transactions remote login experimental RFC 1644 RDP reliable data protocol reliable data transfer with no congestion control experimental RFC 0908 SCTP stream control transmission protocol signalling proposed for wireless proposed standard RFC 2960 7 October 2016 MST CPE 5420 Application & Transport Layer Security 23

Transport Layer Background Services Egemen K. Çetinkaya What are important characteristics of TCP and UDP? 7 October 2016 MST CPE 5420 Application & Transport Layer Security 24

Transport Layer Background Services TCP: Transmission Control Protocol reliable, in-order delivery congestion control flow control connection setup UDP: User Datagram Protocol unreliable, unordered delivery, aka best effort delivery no connection establishment (no handshaking) no congestion control 7 October 2016 MST CPE 5420 Application & Transport Layer Security 25

Transport Layer Background Services Egemen K. Çetinkaya What s difference between flow & congestion control? 7 October 2016 MST CPE 5420 Application & Transport Layer Security 26

Transport Layer Background Services Flow control control transmission not to overwhelm the receiver Congestion control control transmission not to overwhelm the network 7 October 2016 MST CPE 5420 Application & Transport Layer Security 27

Transport Layer Security Overview What are transport-layer security protocols? Egemen K. Çetinkaya 7 October 2016 MST CPE 5420 Application & Transport Layer Security 28

Transport Layer Security Overview Secure Sockets Layer (SSL) Transport Layer Security (TLS) Note that they don t substitute TCP/UDP 7 October 2016 MST CPE 5420 Application & Transport Layer Security 29

Background Security of Higher Layers Transport Layer Security Transport layer security Motivation and overview SSL TLS Application layer security 7 October 2016 MST CPE 5420 Application & Transport Layer Security 30

Secure Sockets Layer Overview One of the most widely used security services Set of protocols that rely on TCP Implementation can be provided in two ways: as an underlying protocol suite to applications can be embedded in packages; web browsers etc. Developed by Netscape Brief history: V1 never released to public V2 released in 1995 V3 released in 1996, RFC 6101 7 October 2016 MST CPE 5420 Application & Transport Layer Security 31

Secure Sockets Layer Protocol Stack SSL is not a single layer protocol it has two layers of protocols 7 October 2016 MST CPE 5420 Application & Transport Layer Security 32

Secure Sockets Layer Architecture SSL is a layered protocol Lower layer protocol SSL record protocol Higher layer protocols handshake protocol SSL change cipher spec protocol SSL alert protocol 7 October 2016 MST CPE 5420 Application & Transport Layer Security 33

Secure Sockets Layer SSL Record Protocol Operation Egemen K. Çetinkaya Multiple operations performed in SSL record protocol 7 October 2016 MST CPE 5420 Application & Transport Layer Security 34

Secure Sockets Layer SSL Record Protocol Operation Egemen K. Çetinkaya What are the services provided? 7 October 2016 MST CPE 5420 Application & Transport Layer Security 35

Secure Sockets Layer SSL Record Protocol Operation Egemen K. Çetinkaya Confidentiality, authentication, and message integrity 7 October 2016 MST CPE 5420 Application & Transport Layer Security 36

Fragmentation Secure Sockets Layer SSL Record Protocol Operation APDUs are fragmented into blocks of 2 14 bytes or less Optional compression Message authentication code for integrity similar to HMAC; uses MD5 or SHA-1 Encryption block ciphers: AES, DES, 3DES stream ciphers: RC4 and variants Append header content type, major & minor version, compressed length 7 October 2016 MST CPE 5420 Application & Transport Layer Security 37

Secure Sockets Layer SSL Record Format Egemen K. Çetinkaya There are four fields to SSL record header 7 October 2016 MST CPE 5420 Application & Transport Layer Security 38

Content type (8 bits) Secure Sockets Layer SSL Record Format three SSL-specific protocols change_cipher_spec alert handshake no differentiation between separate application protocols application_data Major version (8 bits); e.g. SSLv3 Minor version (8 bits); minor version 0 Compressed length (16 bits); max value 2 14 + 2048 b 7 October 2016 MST CPE 5420 Application & Transport Layer Security 39

Secure Sockets Layer Change Cipher Spec Protocol Signals transitions in ciphering strategies The protocol consists of a single message The message consists of a single byte of value 1 The message is sent by both the client and server to notify the receiving party that subsequent records will be protected under the just-negotiated CipherSpec and keys 7 October 2016 MST CPE 5420 Application & Transport Layer Security 40

Secure Sockets Layer Alert Protocol Alert messages convey the severity of the message a description of the alert Alert levels are: warning fatal Alert messages with a level of fatal result in the immediate termination of the connection Two types of alert messages closure alerts error alerts 7 October 2016 MST CPE 5420 Application & Transport Layer Security 41

Secure Sockets Layer Alert Protocol Messages Egemen K. Çetinkaya Closure alert message closure alert must be sent to avoid a truncation attack close_notify Error alert message always fatal: unexpected_message bad_record_mac decompression_failure handshake_failure illegal_parameter other messages: no_certificate, bad_certificate, unsupported_certificate, certificate_revoked, certificate_expired, certificate_unknown 7 October 2016 MST CPE 5420 Application & Transport Layer Security 42

Secure Sockets Layer Handshake Protocol It is used to negotiate secure attributes of a session Handshake messages supplied to SSL record layer When an SSL client and server start communicating: a protocol version select cryptographic algorithms optionally authenticate each other use public key encryption to generate shared secrets Each message has three fields: type (1 byte) length (3 bytes) content 7 October 2016 MST CPE 5420 Application & Transport Layer Security 43

hello_request client_hello server_hello certificate Secure Sockets Layer Handshake Protocol Messages server_key_exchange certificate_request server_hello_done certificate_verify client_key_exchange finished 7 October 2016 MST CPE 5420 Application & Transport Layer Security 44

Secure Sockets Layer Handshake Protocol Signalling Client ClientHello --------> Certificate* ClientKeyExchange CertificateVerify* [ChangeCipherSpec] Server ServerHello Certificate* ServerKeyExchange* CertificateRequest* <-------- ServerHelloDone Finished --------> [ChangeCipherSpec] <-------- Finished Application Data <-------> Application Data Egemen K. Çetinkaya 7 October 2016 MST CPE 5420 Application & Transport Layer Security 45

Key exchange Secure Sockets Layer Cryptographic Calculations Diffie-Hellman, RSA, and FORTEZZA Encryption asymmetric algorithms: Diffie-Hellman, RSA, and FORTEZZA symmetric algorithms: DES, AES, RC4 MAC algorithms MD5, SHA-1 7 October 2016 MST CPE 5420 Application & Transport Layer Security 46

Background Security of Higher Layers Transport Layer Security Transport layer security Motivation and overview SSL TLS Application layer security 7 October 2016 MST CPE 5420 Application & Transport Layer Security 47

Transport Layer Security Overview TLS provides privacy and data integrity Based on SSLv3 protocol specification differences are not dramatic, but significant enough various versions of TLS and SSL 3.0 do not interoperate Layered architecture as SSLv3 Brief history: V1.0 released in RFC 2246 in 1999 V1.1 released in RFC 4346 in 2006 V1.2 released in RFC 5246 in 2008 V1.3 in draft form as of September 2016 (version 16) 7 October 2016 MST CPE 5420 Application & Transport Layer Security 48

Transport Layer Security Goals Cryptographic security TLS should establish secure connection between two parties Interoperability programmers should develop applications utilizing TLS Extensibility new public key and encryption methods can be incorporated Relative efficiency cryptographic operations tend to be highly CPU intensive TLS has incorporated an optional session caching scheme to reduce the number of connections 7 October 2016 MST CPE 5420 Application & Transport Layer Security 49

SSL/TLS Implementations Implementation SSLv3 TLSv1.0 TLSv1.1 TLSv1.2 Botan yes yes yes yes MS Secure Channel yes yes No/disabled No/disabled OpenSSL yes yes yes yes OS X Secure Transport yes yes yes yes REF: http://en.wikipedia.org/wiki/comparison_of_tls_implementations 7 October 2016 MST CPE 5420 Application & Transport Layer Security 50

Layer-4 Security Conclusions TLS/SSL is a layer above TCP and UDP SSL v3 is being deprecated (RFC 7568, June 2015) There is no secure TCP/UDP RFC 5925: TCP Authentication Option Survey of Security Hardening for TCP Implementations https://tools.ietf.org/html/draft-ietf-tcpm-tcp-security-03 TLS/SSL uses services of reliable TCP protocol What happens when the application requires UDP? 7 October 2016 MST CPE 5420 Application & Transport Layer Security 51

Layer-4 Security Conclusions TLS/SSL is a layer above TCP and UDP SSL v3 is being deprecated (RFC 7568, June 2015) TLS/SSL uses services of reliable TCP protocol Some applications require UDP SIP (Session Initiation Protocol) electronic gaming Datagram semantics prohibits use of TLS UDP related RFC 6347 Datagram Transport Layer Security (DTLS) Version 1.2 DTLS is designed to be as similar to TLS as possible 7 October 2016 MST CPE 5420 Application & Transport Layer Security 52

Background Security of Higher Layers Application Layer Security Transport layer security Application layer security HTTPS SSH E-mail 7 October 2016 MST CPE 5420 Application & Transport Layer Security 53

Background Security of Higher Layers Application Layer Security Transport layer security Application layer security HTTPS SSH E-mail 7 October 2016 MST CPE 5420 Application & Transport Layer Security 54

Application Security HTTP HTTP: hypertext transfer protocol Documented in RFCs 7230-7235 very recent updates, June 2014 Web s application layer protocol Client/server model client requests object from the server server responds with status message Uses TCP port 80 7 October 2016 MST CPE 5420 Application & Transport Layer Security 55

Application Security HTTPS HTTP was originally used in the clear on the Internet Increased use of HTTP for sensitive applications has required security measures Simply uses HTTP over TLS/SSL HTTPS is built into all modern Web browsers The default port is for HTTPS is 443 URI format includes: https https://www.example.com/~smith/home.html Documented in RFC 2818 7 October 2016 MST CPE 5420 Application & Transport Layer Security 56

Application Security HTTPS Encryption URL of the requested document Contents of the document Contents of browser forms Cookies sent to/from browser to/from server Contents of HTTP header 7 October 2016 MST CPE 5420 Application & Transport Layer Security 57

Connection initiation Application Security HTTPS Connections agent acting as HTTP client should also act as the TLS client first, complete TLS handshake the client may then initiate the first HTTP request all HTTP data must be sent as TLS application data Connection closure TLS provides a facility for secure connection closure TLS initiates exchange of closure alerts before closure 7 October 2016 MST CPE 5420 Application & Transport Layer Security 58

Background Security of Higher Layers Application Layer Security Transport layer security Application layer security HTTPS SSH E-mail 7 October 2016 MST CPE 5420 Application & Transport Layer Security 59

Application Security SSH The Secure Shell (SSH) Protocol provides secure remote login over insecure network Documented in RFCs 4250-4256 Widely available in most operating systems SSH protocol consists of three major components transport layer protocol provides server authentication, confidentiality, and integrity user authentication protocol authenticates the client to the server connection protocol multiplexes the encrypted tunnel into several logical channels 7 October 2016 MST CPE 5420 Application & Transport Layer Security 60

Application Security SSH Protocol Stack 7 October 2016 MST CPE 5420 Application & Transport Layer Security 61

Application Security SSH Major Components Transport Layer Protocol provides server authentication, confidentiality, and integrity it may optionally also provide compression it typically runs over a TCP/IP connection User Authentication Protocol authenticates the client-side user to the server it runs over the transport layer protocol Connection Protocol multiplexes encrypted tunnel into several logical channels it runs over the user authentication protocol 7 October 2016 MST CPE 5420 Application & Transport Layer Security 62

Application Security Remote Login/File Transfer Client Programs PuTTY and Tera Term for Windows OpenSSH for Mac OS X File transfer: WinSCP for Windows SFTP for Linux-like systems 7 October 2016 MST CPE 5420 Application & Transport Layer Security 63

Background Security of Higher Layers Application Layer Security Transport layer security Application layer security HTTPS SSH E-mail 7 October 2016 MST CPE 5420 Application & Transport Layer Security 64

Application Security E-mail What are the major components of e-mail? 7 October 2016 MST CPE 5420 Application & Transport Layer Security 65

Application Security E-mail Three major components: user agents mail reader compose, edit, read mail messages clients: MS-Outlook, Mac-Mail mail servers holds mailboxes for incoming and outgoing messages protocol protocols between servers: SMTP retrieval from servers via POP, IMAP Important protocols: SMTP, POP, IMAP, HTTP HTTP/Webmail: Gmail, Hotmail (now Outlook), Yahoo Mail 7 October 2016 MST CPE 5420 Application & Transport Layer Security 66

Application Security Internet Mail Architecture 7 October 2016 MST CPE 5420 Application & Transport Layer Security 67

E-mail Security PGP Overview Pretty Good Privacy (PGP) Uses PKCS encryption for e-mail and data security Available in versions that run on variety of platforms First released by Phil Zimmermann in 1991 Provides four services: authentication confidentiality compression conversion 7 October 2016 MST CPE 5420 Application & Transport Layer Security 68

PGP Services Authentication Sender creates a message Sender generates a hash code of the message Sender encrypts hash using sender's private key Encrypted hash code is prepended to the message Receiver decrypts hash using sender's public key Receiver generates a new hash for received message compares it to the decrypted hash code If the two match, message is accepted as authentic Combination of SHA-1 and RSA 7 October 2016 MST CPE 5420 Application & Transport Layer Security 69

PGP Services Confidentiality PGP provides confidentiality by encrypting messages Each key is used only once new key generated as random 128-bit number for each msg. session key is bound to the message and transmitted with it key is encrypted with the receiver's public key 7 October 2016 MST CPE 5420 Application & Transport Layer Security 70

PGP Services Compression PGP compresses the message after applying the signature but before encryption This has the benefit of saving space both for e-mail transmission and for file storage The compression algorithm used is ZIP 7 October 2016 MST CPE 5420 Application & Transport Layer Security 71

PGP Services Conversion Blocks consist of a stream of arbitrary 8-bit bytes Many electronic mail systems only permit the use of blocks consisting of ASCII text PGP provides the service of conversion raw 8-bit binary stream to stream of ASCII characters Scheme used for this purpose is radix-64 conversion 7 October 2016 MST CPE 5420 Application & Transport Layer Security 72

E-mail Security S/MIME Overview Secure/Multipurpose Internet Mail Extensions Security enhancement to the MIME Internet e-mail format standard Brief history: V3.2 RFC 5751 2010 V3.1 RFC 3851 2004 V3.0 RFC 2633 1999 V2.0 RFC 2311 1998 7 October 2016 MST CPE 5420 Application & Transport Layer Security 73

E-mail Internet Message Format A syntax for text messages that are sent between computer users Specified in RFC 5322 A syntax only for text messages It makes no provision for the transmission of images, audio, or other sorts of structured data Messages are viewed as having envelope & contents envelope contains information needed for transmission and delivery contents comprise the object to be delivered to the recipient 7 October 2016 MST CPE 5420 Application & Transport Layer Security 74

E-mail Internet Message Format Example From: John Doe <jdoe@machine.example> To: Mary Smith <mary@example.net> Subject: Saying Hello Date: Fri, 21 Nov 1997 09:55:06-0600 Message-ID: <1234@local.machine.example> This is a message just to say hello. So, "Hello". 7 October 2016 MST CPE 5420 Application & Transport Layer Security 75

E-mail Internet Message Format Extensions Multipurpose Internet Mail Extensions, or MIME Redefines the format of messages to allow for: textual message bodies in character sets other than US- ASCII an extensible set of different formats for non-textual message bodies multi-part message bodies textual header information in character sets other than US- ASCII Documented in RFC 2045 through 2049 7 October 2016 MST CPE 5420 Application & Transport Layer Security 76

E-mail Security S/MIME Services A secure way to send and receive MIME data The services provided: authentication message integrity non-repudiation of origin (using digital signatures) data confidentiality (using encryption) as a supplementary service, S/MIME provides compression S/MIME is not restricted to mail can be used with any mechanism that transports MIME data such as HTTP or SIP 7 October 2016 MST CPE 5420 Application & Transport Layer Security 77

E-mail Security Cryptographic Algorithms in S/MIME Message digest: MD5 & SHA-1 Digital signature: DSS & RSA Encrypting session key: DH & RSA Symmetric encryption: 3DES, AES, RC2 Message authentication: HMAC 7 October 2016 MST CPE 5420 Application & Transport Layer Security 78

E-mail Security DKIM Overview DomainKeys Identified Mail A mechanism for signing and verifying messages Defines domain-level DS authentication framework for email through the use of public-key cryptography using the domain name service as its key server technology It permits verification of the signer of a message as well as the integrity of its contents DKIM's authentication of email identity can assist in the global control of spam and phishing Widely adopted by: e-mail providers and ISPs 7 October 2016 MST CPE 5420 Application & Transport Layer Security 79

Application Security Internet Mail Architecture 7 October 2016 MST CPE 5420 Application & Transport Layer Security 80

Application Security DKIM Architecture 7 October 2016 MST CPE 5420 Application & Transport Layer Security 81

E-mail Security DKIM Example from: reply-to: to: date: subject: Joe Miner <joe.miner@gmail.com> ns-3-users@googlegroups.com ns-3-users@googlegroups.com Wed, Oct 15, 2014 at 9:04 AM Re: ns-3 problems mailing list: ns-3-users.googlegroups.com Filter messages from this mailing list mailed-by: signed-by: unsubscribe: googlegroups.com gmail.com Unsubscribe from this mailing-list 7 October 2016 MST CPE 5420 Application & Transport Layer Security 82

E-mail Security DKIM Signature Example 1 DKIM-Signature: v=1; a=rsa-sha256; d=example.net; s=brisbane; c=relaxed/simple; q=dns/txt; l=1234; t=1117574938; x=1118006938; h=from:to:subject:date:keywords:keywords; bh=mtizndu2nzg5mdeymzq1njc4otaxmjm0nty3odkwmti=; b=dzdvyofakcdlxdjoc9g2q8loxslenisbav+yuu4zgeerud00l szz VoG4ZHRNiYzR v=dkim version a=algorithm d=domain name s=selector used by verifier to retrieve proper key c=canonicalization algorithm q=default query method 7 October 2016 MST CPE 5420 Application & Transport Layer Security 83

E-mail Security DKIM Signature Example 2 DKIM-Signature: v=1; a=rsa-sha256; d=example.net; s=brisbane; c=relaxed/simple; q=dns/txt; l=1234; t=1117574938; x=1118006938; h=from:to:subject:date:keywords:keywords; bh=mtizndu2nzg5mdeymzq1njc4otaxmjm0nty3odkwmti=; b=dzdvyofakcdlxdjoc9g2q8loxslenisbav+yuu4zgeerud00l szz VoG4ZHRNiYzR l=length of the canonicalized part t=signature timestamp x=expire time h=list of signed header fields bh=body hash b=actual digital signature of the contents 7 October 2016 MST CPE 5420 Application & Transport Layer Security 84

E-mail Security Spam Spam unsolicited marketing wasting time & resources First commercial instance in 1994 Canter and Siegel Green Card Lottery Final One? incident Mechanisms filtering counterattack fee restructuring [http://en.wikipedia.org/wiki/laurence_canter_and_martha_siegel] 7 October 2016 MST CPE 5420 Application & Transport Layer Security 85

E-mail Security Spam Distribution [http://www.symantec.com/security_response/landing/spam] 7 October 2016 MST CPE 5420 Application & Transport Layer Security 86

E-mail Security Verification of Sender Verifier to associate positive reputation with message Locally-maintained whitelists Shared reputation services Third-party accreditation 7 October 2016 MST CPE 5420 Application & Transport Layer Security 87

Impact: E-mail Security Attack Evaluation [RFC 4686] high: affects the verification of messages from an entire domain or multiple domains medium: affects the verification of messages from specific users, Mail Transfer Agents (MTAs), and/or time periods low: affects verification of isolated individual messages only Likelihood: high: all email users should expect this attack frequently medium: email users should expect this attack occasionally; frequently for a few users low: attack is expected to be rare and/or very infrequent 7 October 2016 MST CPE 5420 Application & Transport Layer Security 88

E-mail Security Attacks Against Message Signatures [RFC 4686] Attack Name Impact Likelihood Theft of private key for domain High Low Theft of delegated private key Medium Medium Private key recovery via side channel attack High Low Signed message replay Low High Denial-of-service attack against verifier High Medium Denial-of-service attack against key service High Medium Compromise of key server High Low Cryptographic weaknesses in signature High Low Falsification of key service replies Medium Medium Display name abuse Medium High 7 October 2016 MST CPE 5420 Application & Transport Layer Security 89

Privacy Enhanced Mail PEM is a 1993 RFC 1421 E-mail Security PEM Overview It is for securing email using public-key cryptography It was never widely deployed or used depends on prior deployment of a hierarchical PKI public key infrastructure (PKI) with a single root 7 October 2016 MST CPE 5420 Application & Transport Layer Security 90

References and Further Reading [KPS2002] Charlie Kaufman, Radia Perlman, and Mike Speciner, Network Security: Private Communication in a Public World, 2nd edition, Prentice Hall, 2002. [S2017] William Stallings, Cryptography and Network Security: Principles and Practice, 7th edition, Prentice Hall, 2017. [KR2013] James F. Kurose and Keith W. Ross, Computer Networking: A Top-Down Approach, 6th edition, Addison-Wesley, 2013. Some slides are adopted from KU EECS 882 Mobile Wireless Networking class taught by Prof. James P.G. Sterbenz [TLS: RFC 5246], [SSL: RFC 6101], [SN Attack: RFC 6528] [HTTPS: RFC 2818], [SSH: RFC 4251] [PGP: RFC 1991], [OpenPGP: RFC 4880], [PEM: RFC 1421] [S/MIME: RFC 5751], [DKIM: RFC 5585, RFC 5863] 7 October 2016 MST CPE 5420 Application & Transport Layer Security 91

End of Foils 7 October 2016 MST CPE 5420 Application & Transport Layer Security 92

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback