Computer Networks 1 (Mạng Máy Tính 1) Lectured by: Dr. Phạm Trần Vũ

Similar documents
Kurose & Ross, Chapters (5 th ed.)

ח'/סיון/תשע "א. RSA: getting ready. Public Key Cryptography. Public key cryptography. Public key encryption algorithms

Ref:

Chapter 8 Security. Computer Networking: A Top Down Approach. 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012

Network Security. Computer Networking: A Top Down Approach Featuring the Internet, 2 nd edition. Jim Kurose, Keith Ross Addison-Wesley, July 2002.

CSC 8560 Computer Networks: Network Security

CS Computer Networks 1: Authentication

Encryption. INST 346, Section 0201 April 3, 2018

14. Internet Security (J. Kurose)

Computer Communication Networks Network Security

Computer Networking. What is network security? Chapter 7: Network security. Symmetric key cryptography. The language of cryptography

The Network Security Model. What can an adversary do? Who might Bob and Alice be? Computer Networks 12/2/2009. CSC 257/457 - Fall

SECURITY IN NETWORKS

CS 332 Computer Networks Security

Chapter 8 Security. Computer Networking: A Top Down Approach. 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012

SECURITY IN NETWORKS 1

Lecture 30. Cryptography. Symmetric Key Cryptography. Key Exchange. Advanced Encryption Standard (AES) DES. Security April 11, 2005

Chapter 8. Computer Networking: A Top Down Approach Featuring the Internet, 3 rd edition. Jim Kurose, Keith Ross Addison-Wesley, July 2004.

Chapter 8 Security. Computer Networking: A Top Down Approach. Andrei Gurtov. 7 th edition Jim Kurose, Keith Ross Pearson/Addison Wesley April 2016

Chapter 8 roadmap. Network Security

Computer Networks. Wenzhong Li. Nanjing University

Internet and Intranet Protocols and Applications

Chapter 8 Network Security

Welcome to CS 395/495 Internet Security: A Measurement-based Approach

CSC 4900 Computer Networks: Security Protocols (2)

Chapter 4: Securing TCP connections

Security: Focus of Control. Authentication

Lecture 9a: Secure Sockets Layer (SSL) March, 2004

UNIT - IV Cryptographic Hash Function 31.1

Security: Focus of Control

Chapter 8 Network Security. Computer Networking: A Top Down Approach, 5 th edition. Jim Kurose, Keith Ross Addison-Wesley, April 2009.

Chapter 8 Network Security

Chapter 8 Security. Computer Networking: A Top Down Approach

L13. Reviews. Rocky K. C. Chang, April 10, 2015

Chapter 8 Security. Computer Networking: A Top Down Approach. 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012

Lecture Nov. 21 st 2006 Dan Wendlandt ISP D ISP B ISP C ISP A. Bob. Alice. Denial-of-Service. Password Cracking. Traffic.

Security and Privacy. Xin Liu Computer Science University of California, Davis. Introduction 1-1

Lecture 1 Applied Cryptography (Part 1)

COSC4377. Chapter 8 roadmap

Security issues: Encryption algorithms. Threats Methods of attack. Secret-key Public-key Hybrid protocols. CS550: Distributed OS.

(2½ hours) Total Marks: 75

key distribution requirements for public key algorithms asymmetric (or public) key algorithms

Computer Security. 10r. Recitation assignment & concept review. Paul Krzyzanowski. Rutgers University. Spring 2018

Lecture 2 Applied Cryptography (Part 2)

Cryptography (Overview)

Chapter 8 Network Security

Overview. SSL Cryptography Overview CHAPTER 1

Network Security Chapter 8

System and Network Security

Chapter 8 Web Security

CSE 127: Computer Security Cryptography. Kirill Levchenko

06/02/ Local & Metropolitan Area Networks. 0. Overview. Terminology ACOE322. Lecture 8 Network Security

Network Security. Chapter 8. MYcsvtu Notes.

Chapter 8. Network Security. Cryptography. Need for Security. An Introduction to Cryptography 10/7/2010

CSE 3461/5461: Introduction to Computer Networking and Internet Technologies. Network Security. Presentation L

Issues. Separation of. Distributed system security. Security services. Security policies. Security mechanism

Computer Security. 08r. Pre-exam 2 Last-minute Review Cryptography. Paul Krzyzanowski. Rutgers University. Spring 2018

Cryptography & Key Exchange Protocols. Faculty of Computer Science & Engineering HCMC University of Technology

Data Security and Privacy. Topic 14: Authentication and Key Establishment

Information Security. message M. fingerprint f = H(M) one-way hash. 4/19/2006 Information Security 1

APNIC elearning: Cryptography Basics

9/30/2016. Cryptography Basics. Outline. Encryption/Decryption. Cryptanalysis. Caesar Cipher. Mono-Alphabetic Ciphers

Cryptography Basics. IT443 Network Security Administration Slides courtesy of Bo Sheng

Verteilte Systeme (Distributed Systems)

CSC 8560 Computer Networks: Security Protocols

EEC-682/782 Computer Networks I

Lecture 33. Firewalls. Firewall Locations in the Network. Castle and Moat Analogy. Firewall Types. Firewall: Illustration. Security April 15, 2005

SEEM4540 Open Systems for E-Commerce Lecture 03 Internet Security

Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls

Chapter 8. Network Security. Need for Security. An Introduction to Cryptography. Transposition Ciphers One-Time Pads

Int ernet w orking. Internet Security. Literature: Forouzan: TCP/IP Protocol Suite : Ch 28

Modern cryptography 2. CSCI 470: Web Science Keith Vertanen

CSC 774 Network Security

COSC : mobility within same subnet. Lecture 26. H1 remains in same IP subnet: IP address can remain same

Introduction and Overview. Why CSCI 454/554?

Information Security CS 526

CS 356 Internet Security Protocols. Fall 2013

Transport Level Security

IP Security IK2218/EP2120

Distributed Systems. 25. Authentication Paul Krzyzanowski. Rutgers University. Fall 2018

Computer Networks II

David Wetherall, with some slides from Radia Perlman s security lectures.

SSL/TLS. How to send your credit card number securely over the internet

The question paper contains 40 multiple choice questions with four choices and students will have to pick the correct one (each carrying ½ marks.).

Background. Network Security - Certificates, Keys and Signatures - Digital Signatures. Digital Signatures. Dr. John Keeney 3BA33

Information System Architecture Natawut Nupairoj Ph.D. Department of Computer Engineering, Chulalongkorn University

CRYPTOGRAPHY & DIGITAL SIGNATURE

1.264 Lecture 28. Cryptography: Asymmetric keys

Real-time protocol. Chapter 16: Real-Time Communication Security

Network Security. Thierry Sans

Diffie-Hellman. Part 1 Cryptography 136

CRYPTOGRAPHY AND NETWROK SECURITY-QUESTION BANK

KALASALINGAM UNIVERSITY

Cryptography SSL/TLS. Network Security Workshop. 3-5 October 2017 Port Moresby, Papua New Guinea

CS 494/594 Computer and Network Security

Protecting Information Assets - Week 11 - Cryptography, Public Key Encryption and Digital Signatures. MIS 5206 Protecting Information Assets

Distributed Systems. 26. Cryptographic Systems: An Introduction. Paul Krzyzanowski. Rutgers University. Fall 2015

E-commerce security: SSL/TLS, SET and others. 4.1

Outline. Public Key Cryptography. Applications of Public Key Crypto. Applications (Cont d)

CSC/ECE 774 Advanced Network Security

Transcription:

Computer Networks 1 (Mạng Máy Tính 1) Lectured by: Dr. Phạm Trần Vũ

Chapter 8 Network Security Computer Networking: A Top Down Approach, 5 th edition. Jim Kurose, Keith Ross Addison-Wesley, April 2009. All material copyright 1996-2009 J.F Kurose and K.W. Ross, All Rights Reserved Introduction 1-2

Chapter 8: Network Security Chapter goals: understand principles of network security: cryptography and its many uses beyond confidentiality authentication message integrity security in practice: firewalls and intrusion detection systems security in application, transport, network, link layers

Chapter 8 roadmap 8.1 What is network security? 8.2 Principles of cryptography 8.3 Message integrity 8.4 Securing e-mail 8.5 Securing TCP connections: SSL 8.6 Network layer security: IPsec 8.7 Securing wireless LANs 8.8 Operational security: firewalls and IDS

What is network security? Confidentiality: only sender, intended receiver should understand message contents sender encrypts message receiver decrypts message Authentication: sender, receiver want to confirm identity of each other Message integrity: sender, receiver want to ensure message not altered (in transit, or afterwards) without detection Access and availability: services must be accessible and available to users

Friends and enemies: Alice, Bob, Trudy well-known in network security world Bob, Alice (lovers!) want to communicate securely Trudy (intruder) may intercept, delete, add messages Alice channel data, control messages Bob data secure sender secure receiver data Trudy

Who might Bob, Alice be? well, real-life Bobs and Alices! Web browser/server for electronic transactions (e.g., on-line purchases) on-line banking client/server DNS servers routers exchanging routing table updates other examples?

There are bad guys (and girls) out there! Q: What can a bad guy do? A: A lot! See section 1.6 eavesdrop: intercept messages actively insert messages into connection impersonation: can fake (spoof) source address in packet (or any field in packet) hijacking: take over ongoing connection by removing sender or receiver, inserting himself in place denial of service: prevent service from being used by others (e.g., by overloading resources)

Chapter 8 roadmap 8.1 What is network security? 8.2 Principles of cryptography 8.3 Message integrity 8.4 Securing e-mail 8.5 Securing TCP connections: SSL 8.6 Network layer security: IPsec 8.7 Securing wireless LANs 8.8 Operational security: firewalls and IDS

The language of cryptography K A Alice s encryption key Bob s decryption K B key plaintext encryption algorithm ciphertext decryption algorithm plaintext m plaintext message K A (m) ciphertext, encrypted with key K A m = K B (K A (m)) 10

Types of Cryptography Crypto often uses keys: Algorithm is known to everyone Only keys are secret Public key cryptography Involves the use of two keys Symmetric key cryptography Involves the use one key Hash functions Involves the use of no keys Nothing secret: How can this be useful? 11

Symmetric key cryptography K S K S plaintext message, m encryption algorithm ciphertext K S (m) decryption algorithm plaintext m = K S (K S (m)) symmetric key crypto: Bob and Alice share same (symmetric) key: K S e.g., key is knowing substitution pattern in mono alphabetic substitution cipher Q: how do Bob and Alice agree on key value? 12

Symmetric key crypto: DES DES: Data Encryption Standard US encryption standard [NIST 1993] 56-bit symmetric key, 64-bit plaintext input Block cipher with cipher block chaining How secure is DES? DES Challenge: 56-bit-key-encrypted phrase decrypted (brute force) in less than a day No known good analytic attack making DES more secure: 3DES: encrypt 3 times with 3 different keys (actually encrypt, decrypt, encrypt) 23

AES: Advanced Encryption Standard new (Nov. 2001) symmetric-key NIST standard, replacing DES processes data in 128 bit blocks 128, 192, or 256 bit keys brute force decryption (try each key) taking 1 sec on DES, takes 149 trillion years for AES 25

Public Key Cryptography symmetric key crypto requires sender, receiver know shared secret key Q: how to agree on key in first place (particularly if never met )? public key cryptography radically different approach [Diffie- Hellman76, RSA78] sender, receiver do not share secret key public encryption key known to all private decryption key known only to receiver 26

Public key cryptography K B + K B - Bob s public key Bob s private key plaintext message, m encryption algorithm ciphertext + K (m) B decryption algorithm plaintext message - + m = K (K (m)) B B 27

Chapter 8 roadmap 8.1 What is network security? 8.2 Principles of cryptography 8.3 Message integrity 8.4 Securing e-mail 8.5 Securing TCP connections: SSL 8.6 Network layer security: IPsec 8.7 Securing wireless LANs 8.8 Operational security: firewalls and IDS

Message Integrity Allows communicating parties to verify that received messages are authentic. Content of message has not been altered Source of message is who/what you think it is Message has not been replayed Sequence of messages is maintained Let s first talk about message digests 40

Message Digests Function H( ) that takes as input an arbitrary length message and outputs a fixed-length string: message signature Note that H( ) is a manyto-1 function H( ) is often called a hash function large message m Desirable properties: Easy to calculate H: Hash Function H(m) Irreversibility: Can t determine m from H(m) Collision resistance: Computationally difficult to produce m and m such that H(m) = H(m ) Seemingly random output 41

Hash Function Algorithms MD5 hash function widely used (RFC 1321) computes 128-bit message digest in 4-step process. SHA-1 is also used. US standard [NIST, FIPS PUB 180-1] 160-bit message digest 43

message message message Message Authentication Code (MAC) s s = shared secret s H( ) H( ) compare Authenticates sender Verifies message integrity No encryption! Also called keyed hash Notation: MD m = H(s m) ; send m MD m 44

End-point authentication Want to be sure of the originator of the message end-point authentication. Assuming Alice and Bob have a shared secret, will MAC provide end-point authentication. We do know that Alice created the message. But did she send it? 48

Playback attack MAC = f(msg,s) Transfer $1M from Bill to Trudy MAC Transfer $1M from Bill to Trudy MAC

Defending against playback attack: nonce I am Alice R MAC = f(msg,s,r) Transfer $1M from Bill to Susan MAC

Digital Signatures Cryptographic technique analogous to handwritten signatures. sender (Bob) digitally signs document, establishing he is document owner/creator. Goal is similar to that of a MAC, except now use public-key cryptography verifiable, nonforgeable: recipient (Alice) can prove to someone that Bob, and no one else (including Alice), must have signed document 51

Digital Signatures Simple digital signature for message m: Bob signs m by encrypting with his private key - - K B, creating signed message, K B (m) Bob s message, m Dear Alice Oh, how I have missed you. I think of you all the time! (blah blah blah) Bob K B - Public key encryption algorithm Bob s private key K B - (m) Bob s message, m, signed (encrypted) with his private key 52

Digital signature = signed message digest Bob sends digitally signed message: large message m + H: Hash function Bob s private key K B - H(m) digital signature (encrypt) encrypted msg digest - K B (H(m)) Alice verifies signature and integrity of digitally signed message: large message m H: Hash function H(m) Bob s public key K B + equal? encrypted msg digest - K B (H(m)) digital signature (decrypt) H(m) 53

Digital Signatures (more) Suppose Alice receives msg m, digital signature K B (m) Alice verifies m signed by Bob by applying Bob s + - + - public key K B to K B (m) then checks K B (K B (m) ) = m. + - If K B (K B (m) ) = m, whoever signed m must have used Bob s private key. - Alice thus verifies that: Bob signed m. No one else signed m. Bob signed m and not m. Non-repudiation: - Alice can take m, and signature K B (m) to court and prove that Bob signed m. 54

Public-key certification Motivation: Trudy plays pizza prank on Bob Trudy creates e-mail order: Dear Pizza Store, Please deliver to me four pepperoni pizzas. Thank you, Bob Trudy signs order with her private key Trudy sends order to Pizza Store Trudy sends to Pizza Store her public key, but says it s Bob s public key. Pizza Store verifies signature; then delivers four pizzas to Bob. Bob doesn t even like Pepperoni 55

Certification Authorities Certification authority (CA): binds public key to particular entity, E. E (person, router) registers its public key with CA. E provides proof of identity to CA. CA creates certificate binding E to its public key. certificate containing E s public key digitally signed by CA CA says this is E s public key Bob s identifying information Bob s public key K B + digital signature (encrypt) CA private key K - CA K B + certificate for Bob s public key, signed by CA 56

Certification Authorities When Alice wants Bob s public key: gets Bob s certificate (Bob or elsewhere). apply CA s public key to Bob s certificate, get Bob s public key K B + digital signature (decrypt) K B + Bob s public key CA public key K + CA 57

Certificates: summary Primary standard X.509 (RFC 2459) Certificate contains: Issuer name Entity name, address, domain name, etc. Entity s public key Digital signature (signed with issuer s private key) Public-Key Infrastructure (PKI) Certificates and certification authorities Often considered heavy 58

Chapter 8 roadmap 8.1 What is network security? 8.2 Principles of cryptography 8.3 Message integrity 8.4 Securing e-mail 8.5 Securing TCP connections: SSL 8.6 Network layer security: IPsec 8.7 Securing wireless LANs 8.8 Operational security: firewalls and IDS

Secure e-mail Alice wants to send confidential e-mail, m, to Bob. K S m K S ( ). K S (m ) K S (m ) K S ( ). m K S +. K B ( ) K B + + K B (K S ) + - Internet + K B (K S ) K B - K S -. K B ( ) Alice: generates random symmetric private key, K S. encrypts message with K S (for efficiency) also encrypts K S with Bob s public key. sends both K S (m) and K B (K S ) to Bob.

Secure e-mail Alice wants to send confidential e-mail, m, to Bob. K S m K S ( ). K S (m ) K S (m ) K S ( ). m K S +. K B ( ) K B + + K B (K S ) + - Internet + K B (K S ) K B - K S -. K B ( ) Bob: uses his private key to decrypt and recover K S uses K S to decrypt K S (m) to recover m

Secure e-mail (continued) Alice wants to provide sender authentication message integrity. m H( ) K Ā. -. K A ( ) - K A (H(m)) - K A (H(m)) K+ A +. K A ( ) H(m ) + - Internet compare m m. H( ) H(m ) Alice digitally signs message. sends both message (in the clear) and digital signature.

Secure e-mail (continued) Alice wants to provide secrecy, sender authentication, message integrity. m H( ) K Ā. -. K A ( ) + - K A (H(m)) K S ( ). K S m K S +. K B ( ) K B + + + K B (K S ) Internet Alice uses three keys: her private key, Bob s public key, newly created symmetric key

Chapter 8 roadmap 8.1 What is network security? 8.2 Principles of cryptography 8.3 Message integrity 8.4 Securing e-mail 8.5 Securing TCP connections: SSL 8.6 Network layer security: IPsec 8.7 Securing wireless LANs 8.8 Operational security: firewalls and IDS

SSL: Secure Sockets Layer Widely deployed security protocol Supported by almost all browsers and web servers https Tens of billions $ spent per year over SSL Originally designed by Netscape in 1993 Number of variations: TLS: transport layer security, RFC 2246 Provides Confidentiality Integrity Authentication Original goals: Had Web e-commerce transactions in mind Encryption (especially credit-card numbers) Web-server authentication Optional client authentication Minimum hassle in doing business with new merchant Available to all TCP applications Secure socket interface 65

SSL and TCP/IP Application TCP IP Normal Application Application SSL TCP IP Application with SSL SSL provides application programming interface (API) to applications C and Java SSL libraries/classes readily available 66

Could do something like PGP: m H( ) K Ā. -. K A ( ) - K A (H(m)) K S +. K S ( ) m K S +. K B ( ) K B + + + K B (K S ) Internet But want to send byte streams & interactive data Want a set of secret keys for the entire connection Want certificate exchange part of protocol: handshake phase 67

Chapter 8 roadmap 8.1 What is network security? 8.2 Principles of cryptography 8.3 Message integrity 8.4 Securing e-mail 8.5 Securing TCP connections: SSL 8.6 Network layer security: IPsec 8.7 Securing wireless LANs 8.8 Operational security: firewalls and IDS

Chapter 8 roadmap 8.1 What is network security? 8.2 Principles of cryptography 8.3 Message integrity 8.4 Securing e-mail 8.5 Securing TCP connections: SSL 8.6 Network layer security: IPsec 8.7 Securing wireless LANs 8.8 Operational security: firewalls and IDS

Chapter 8 roadmap 8.1 What is network security? 8.2 Principles of cryptography 8.3 Message integrity 8.4 Securing e-mail 8.5 Securing TCP connections: SSL 8.6 Network layer security: IPsec 8.7 Securing wireless LANs 8.8 Operational security: firewalls and IDS

Firewalls firewall isolates organization s internal net from larger Internet, allowing some packets to pass, blocking others. administered network public Internet firewall

Firewalls: Why prevent denial of service attacks: SYN flooding: attacker establishes many bogus TCP connections, no resources left for real connections prevent illegal modification/access of internal data. e.g., attacker replaces CIA s homepage with something else allow only authorized access to inside network (set of authenticated users/hosts) three types of firewalls: stateless packet filters stateful packet filters application gateways

Intrusion detection systems packet filtering: operates on TCP/IP headers only no correlation check among sessions IDS: intrusion detection system deep packet inspection: look at packet contents (e.g., check character strings in packet against database of known virus, attack strings) examine correlation among multiple packets port scanning network mapping DoS attack

Intrusion detection systems multiple IDSs: different types of checking at different locations application gateway firewall Internet internal network IDS sensors Web server FTP server DNS server demilitarized zone

Network Security (summary) Basic techniques... cryptography (symmetric and public) message integrity end-point authentication. used in many different security scenarios secure email secure transport (SSL) IP sec 802.11 Operational Security: firewalls and IDS 8: Network Security

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback