CET 458/598
Fall 2000
Lecture Notes
Chapter 8 - Security
There are several ways to compromise communication between two computers:
1. eavesdrop (listen in) on shared media
2. spoof: pretend to be the source or destination after a communication has started, or start
one while pretending to be a different computer (or user)
3. insert packets (up to taking over a connection)
4. modify packets
The eventual goal is to take over an end-point computer or a router/switch/hub. At a higher level,
attacks are built out of one or more of the above four methods, using application-layer
functionality in unintended ways. Examples are denial-of-service attacks based on
overwhelming a computer/network with packets to tie up resources; open-port probes; password
cracking; and applications with holes such as buffer overflow issues. And lastly, there is the use of
application functionality to smuggle in a program that can be helpful in taking over the
computer (viruses, worms, etc.).
The idea not stated in the text is to use encryption and associated technologies to hide data and
provide strong authentication (verify that a communication is from whom it is purported to be
from). If used appropriately, this gets rid of most of the above problems (except some
application-level problems).
You are responsible for all Sections of Chapter 8 except 8.3.1 & 8.3.2.
Terminology
Encryption, decryption, plaintext, ciphertext, authentication, message integrity, nonrepudiation, key distribution, secret key, public (& private) key, hashing algorithms,
message digest, one-way functions, MD5, computational feasibility, DES, triple-DES
Requirements of an encryption algorithm
Very, very hard to get plaintext from ciphertext.
Algorithm will be widely known.
Uses an encryption key.
Impossible (hard) to deduce the key given the algorithm, ciphertext and plaintext.
Requirements of a message digest
Doesn’t use a key.
One-way function (computationally infeasible to produce the same result without the original
text, or by modifying the original text).
Computationally efficient.
DES (Data Encryption Standard)
US government standard
Operates on 64 byte blocks of plaintext producing 64 byte blocks of ciphertext
Uses 56 byte key.
Uses 16 rounds of permutations and combinations.
For messages longer than 64 bytes, uses cipher-block chaining: the output of one block is XOR'd
with the next block of plaintext before being input to the DES function. (An initialization
vector, sometimes called the salt, is used for block 0.)
Now on the border of easy crackability.
So use triple-DES: DESify 3 times with two keys, one for rounds 1 and 3 and the other
for round 2.
Reasonably efficient.
RSA
A public key algorithm: two keys, a public one and a private one (only the owner knows it). The
keys are symmetric (either can be used to decrypt the other one's ciphertext).
Uses large keys (512 bytes or longer) derived from large prime numbers (256 or greater).
The encryption and decryption are computationally intense using exponentiation and
modulus operators.
Organizations are already moving to 768 & 1024 or larger keys.
Quite slow.
MD5 – Message Digest 5
(MD4 and MD2 are in use some places.)
Like SHA (US gov.).
Produces an apparently random fixed-length output from a message in a mathematical way.
The same output is always produced from the same message and digest function.
Block is 512 bytes (message length up to 2**64).
Reasonable efficiency.
Authentication Protocols
Is the other party who they say they are?
Three-way handshake with encrypted messages. But where did the keys come from?
Trusted third party (the authentication server). Useful if the parties know nothing about one
another.
Kerberos (used at ASU, Windows 2000 uses it, too) is a trusted third party system where
there is a key shared between server and user.
Public key – requires that the public key you believe belongs to XYZ actually does.
Frequently uses a trusted third party to store and disseminate public keys.
Message Integrity Protocols
May want to guarantee that a message isn't modified in transit (or later) but don't care about
privacy, or just want to be sure it isn't changed after receipt.
Could use DES CBC residue (last block output).
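The chaining described under DES above and the CBC residue used here as an integrity check, as an added Python example that is not part of the original notes. A toy 8-byte block function stands in for DES (DES itself works on 64-bit blocks); the key, IV and the PKCS#7-style padding are assumptions made for the illustration.

```python
# DES operates on 8-byte (64-bit) blocks; the chaining below works for any block size.
BLOCK = 8

def toy_block_encrypt(key: bytes, block: bytes) -> bytes:
    """Stand-in for the DES function: XOR with the key, then rotate one byte.
    Constructed for illustration only; it is not a real cipher."""
    x = bytes(a ^ b for a, b in zip(block, key))
    return x[1:] + x[:1]

def toy_block_decrypt(key: bytes, block: bytes) -> bytes:
    x = block[-1:] + block[:-1]
    return bytes(a ^ b for a, b in zip(x, key))

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def pad(data: bytes) -> bytes:
    """Pad to a whole number of blocks (PKCS#7 style: each pad byte holds the pad length)."""
    n = BLOCK - len(data) % BLOCK
    return data + bytes([n]) * n

def unpad(data: bytes) -> bytes:
    return data[:-data[-1]]

def cbc_encrypt(key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    """Cipher-block chaining: each plaintext block is XOR'd with the previous
    ciphertext block (the IV for block 0) before it goes into the block function."""
    prev, out = iv, []
    data = pad(plaintext)
    for i in range(0, len(data), BLOCK):
        prev = toy_block_encrypt(key, xor(data[i:i + BLOCK], prev))
        out.append(prev)
    return b"".join(out)

def cbc_decrypt(key: bytes, iv: bytes, ciphertext: bytes) -> bytes:
    """Reverse the chaining: decrypt each block, then XOR with the previous ciphertext block."""
    prev, out = iv, []
    for i in range(0, len(ciphertext), BLOCK):
        block = ciphertext[i:i + BLOCK]
        out.append(xor(toy_block_decrypt(key, block), prev))
        prev = block
    return unpad(b"".join(out))

def cbc_residue(key: bytes, iv: bytes, message: bytes) -> bytes:
    """CBC residue: the last ciphertext block. Because of the chaining it depends on
    every block of the message, so a party holding the key can use it as an integrity check."""
    return cbc_encrypt(key, iv, message)[-BLOCK:]
```

Two identical plaintext blocks come out as different ciphertext blocks because of the chaining, and changing any block of the message changes the residue.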
RSA Digital Signature
Sender encrypts the message with the private key; it can be decrypted with the
public key.
(Variation: encrypt just a hash code with the RSA private key.)
Keyed MD5
Append the shared key to the message and compute MD5; send the message (less the key) and the MD5
hash. The recipient appends the key to the message, computes MD5 and compares.
Alternative: the sender picks a key at random, computes the hash and sends as above, but
also sends the key encrypted with the recipient's public key and then encrypted with the
sender's private key. The recipient decrypts the key using the sender's public key and the
recipient's private key, then appends it to the message to compute the hash before comparing.
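A worked Python example, added here and not part of the original notes, of the RSA operations from the RSA section, the sign-just-the-hash digital signature, keyed MD5, and the random-key alternative just described. The Mersenne primes, the exponent 65537 and the 16-byte key length are assumptions for the illustration, and the moduli are far smaller than the key sizes the notes recommend.

```python
import hashlib
import secrets

# Toy RSA built from known Mersenne primes. Constructed for illustration: the
# moduli (~216 and ~196 bits) are far below the 512-bit-and-up keys the notes
# call for, but big enough to hold a 128-bit MD5 digest or a 16-byte key.
SENDER_PRIMES = (2**127 - 1, 2**89 - 1)
RECIPIENT_PRIMES = (2**107 - 1, 2**89 - 1)   # smaller modulus, see send_with_random_key

def rsa_keygen(p, q, e=65537):
    n, phi = p * q, (p - 1) * (q - 1)
    d = pow(e, -1, phi)                      # private exponent (Python 3.8+)
    return (e, n), (d, n)                    # (public key, private key)

def rsa_apply(key, m):
    exp, n = key                             # one modular exponentiation does
    return pow(m, exp, n)                    # encrypt, decrypt, sign and verify

def md5_int(data):
    return int.from_bytes(hashlib.md5(data).digest(), "big")

# RSA digital signature, the variation in the notes: sign just the hash.
def sign(sender_priv, message):
    return rsa_apply(sender_priv, md5_int(message))

def verify(sender_pub, message, signature):
    return rsa_apply(sender_pub, signature) == md5_int(message)

# Keyed MD5: hash message||key, send the message and the hash but not the key.
def keyed_md5(message, key):
    return hashlib.md5(message + key).digest()

def check_keyed_md5(message, key, received):
    return secrets.compare_digest(keyed_md5(message, key), received)

# Alternative from the notes: a random key, encrypted with the recipient's
# public key and then with the sender's private key, travels with the message.
# The sender's modulus must exceed the recipient's so the inner result fits.
def send_with_random_key(sender_priv, recipient_pub, message):
    key = secrets.token_bytes(16)
    wrapped = rsa_apply(sender_priv, rsa_apply(recipient_pub, int.from_bytes(key, "big")))
    return message, keyed_md5(message, key), wrapped

def receive_with_random_key(sender_pub, recipient_priv, message, received, wrapped):
    key_int = rsa_apply(recipient_priv, rsa_apply(sender_pub, wrapped))
    if key_int >= 1 << 128:                  # garbage if the wrapped key was tampered with
        return False
    return check_keyed_md5(message, key_int.to_bytes(16, "big"), received)
```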
Public Key Distribution
Problem is how can we be sure that a public key legitimately belongs to the entity
claiming that it does.
The answer is a digital certificate, which is an electronic document that is digitally signed
by a certificate authority (a trusted third party). The CA is usually the entity that
issued the key and the certificate. To do this the public key of the CA has to be
widely known.
Under some circumstances there needs to be a hierarchy of CAs that form a chain
of trust certifying a key/certificate.
A certificate usually contains: name of entity being certified, public key, name of the CA,
digital signature, digital signature algorithm type, frequently an expiration date.
A certificate certifies a public key and can be copied at need. Only possession of the
private key shows you are the named entity.
Besides expiration certificates occasionally need to be canceled/revoked. The main
reason for this is that the private key has been compromised.
Solution is the publication (by the CA) of a digitally signed CRL (certificate revocation
list).
Note: PGP is pretty interesting. You should read it after the test.
TLS/SSL/HTTPS
General purpose “middleware” security protocol that “lives” between the application and
the transport layer that, in effect, provides a secure transport layer to the
application.
Has a handshake protocol that negotiates keys to be used during “normal” data transfer.
Data transfer protocol (session) transfers blocks (convenient size) that may be
compressed, encrypted, and integrity protected (hashed). Sessions may be
resumed as sessions contain session id’s.
Despite what the book says there is not a single CA but a set of well-known CA’s
(Verisign and Entrust being the most well-known).
IPSEC
An extension of IP that emulates IPv6 in most things that are useful in providing
security.
The Authentication Header and Encapsulating Security Payload are carried in the IP payload area;
the real data is carried in their data/payload area.
Uses ISAKMP for key management.
The AH & ESP define a security association which is assigned a Security Parameters
Index. The SPI identifies keys and procedures needed to provide the security
functionality the user wants. ISAKMP is used to negotiate keys, algorithms,
packet formats and services.
Frequently the VPN protocol of choice.
Firewalls
Firewalls are placed between the part of the network to be protected and the rest of the network
(i.e., the Internet). A firewall usually acts as a packet filter at the network layer, dropping/passing
packets based on source/destination IP and port. Some firewalls may be configured to work at
the protocol/application level as well. These latter are sometimes configured as proxy firewalls
(i.e., they have a full application running on them that does explicit filtering) and some just know
enough to block/pass certain protocols or sub-protocols.
The proxy server can be moved out of the firewall to provide better security at the firewall. The
proxy server can be placed on either side of the firewall. If on the outside, the proxy server has to
be security hardened. It potentially provides better service on the outside. The firewall then
filters out packets associated with the proxy service unless they come from the proxy server.
When the proxy server is on the inside of the firewall, all packets associated with the proxy
service, regardless of destination IP, are directed to the proxy server.
Further security can be obtained by putting the proxy server on a separate network connected to
the firewall. Another approach is to place a second layer of firewalls behind the first and have the
proxy server work in the middle ground. The extra network where the proxy server lives is
usually called the DMZ.
In a multi-tiered application environment, the layer closest to the client is frequently put in the
DMZ. Sometimes the application server has two network interfaces on separate, unconnected
networks, which adds yet another layer of insulation.
Many times VPN tunneling software is added to a firewall to enhance the firewall to firewall
communication security or user to firewall security.
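An added Python example (not from the notes) of the packet-filter policy described above for a proxy server placed outside the firewall: packets for the proxied service are passed into the protected network only when they come from the proxy server, inside hosts may go out, and everything else is dropped. The addresses, the port and the rule order are constructed assumptions.

```python
import ipaddress
from typing import NamedTuple, Optional
# Constructed addresses for the example: a protected inside network and a
# security-hardened proxy server placed on the outside of the firewall.
INSIDE = ipaddress.ip_network("10.0.0.0/8")
ANY = ipaddress.ip_network("0.0.0.0/0")
PROXY_SERVER = ipaddress.ip_network("203.0.113.10/32")
PROXY_PORT = 8080   # assumed port of the proxied service

class Packet(NamedTuple):
    src: str
    dst: str
    dport: int

class Rule(NamedTuple):
    action: str                   # "pass" or "drop"
    src: ipaddress.IPv4Network
    dst: ipaddress.IPv4Network
    dport: Optional[int] = None   # None matches any destination port

    def matches(self, pkt: Packet) -> bool:
        return (ipaddress.ip_address(pkt.src) in self.src
                and ipaddress.ip_address(pkt.dst) in self.dst
                and (self.dport is None or self.dport == pkt.dport))

# Ordered packet-filter rules, first match wins: the proxied service is reachable
# from the proxy server only; inside hosts may go out; a default deny closes the list.
RULES = [
    Rule("pass", PROXY_SERVER, INSIDE, PROXY_PORT),
    Rule("drop", ANY, INSIDE, PROXY_PORT),
    Rule("pass", INSIDE, ANY),
    Rule("drop", ANY, ANY),
]

def filter_packet(pkt: Packet, rules=RULES) -> str:
    """Return the action of the first matching rule, so rule order matters."""
    for rule in rules:
        if rule.matches(pkt):
            return rule.action
    return "drop"   # default deny if no rule matched

SAMPLE_PACKETS = [   # constructed sample traffic
    Packet("203.0.113.10", "10.1.2.3", 8080),   # proxy delivering to inside: pass
    Packet("198.51.100.7", "10.1.2.3", 8080),   # outsider going straight to the service: drop
    Packet("10.1.2.3", "198.51.100.7", 443),    # inside host going out: pass
    Packet("198.51.100.7", "10.1.2.3", 22),     # unsolicited inbound: drop
]
def decisions(packets=SAMPLE_PACKETS):
    return [filter_packet(p) for p in packets]
```

Swapping the first two rules would drop the proxy server's own traffic, which is why a first-match filter must list the specific allow before the broader deny.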
Chapter 9 – Applications
You are responsible for the entire Chapter.
DNS
Domain Name System
Converts human readable names to IPs and the reverse.
IPs have flat structure. DNS names are hierarchical with separator of “dot”.
Names are bound to values (IPs or alias names).
Uses a hierarchy of name servers.
A name server is responsible for one or more zones (part of the hierarchy).
See Figure 9.5 for typical name resolution process.
SMTP
Simple Mail Transfer Protocol
Straight SMTP only deals with ASCII messages.
Use MIME to send multi-part encoded messages. Can carry almost anything including:
digital pictures, music, executables, viruses and worms.
Messages are asynchronous.
“System” consists of sending programs, mail transfer agents, mail storage agents and
receiving clients.
HTTP
World Wide Web transfer protocol. Transfers HTML.
Client (browser) requests action of server. Server either provides information, takes
action dependent on server page or accepts additional info.
Simple. "POST", "PUT" and "DELETE" see little use.
SNMP
System and network management protocol. Simple request response process that runs on
top of UDP. Used to get or set a set of variables stored in a MIB.
Notoriously insecure.
Multimedia Applications
Various ways to compress data: static data uses run-length encoding, differential methods,
Huffman coding, dictionary (Lempel-Ziv), JPEG, etc.; data streams use a more
dynamic variety (MPEG). Most of these are covered in Chapter 7 if you really
want to know about them. They can be characterized as either lossless or lossy.
Use lossless if you can't afford to lose even a bit. Lossy is usually faster and usable on
streams. MPEG uses differential methods, forecasting and motion detection.
Use RTP for data transfer (accommodates loss). Fixed size packets with sequence
number and timestamp to help playback buffer remove jitter and deal with loss.
Use H.323 to do signaling (session and call control). [Newer stuff coming out next year
for this functionality.]