
5. COSC 6301 – Computer Security - System Controls

Addis Ababa University
Faculty of Science
Department of Computer Science
COSC 6301 – Computer Security
Chapter 5 – Technical Controls
By
Girum Ketema (PhD)
Girumk@gmail.com
Girum.ketema@ju.edu.et
Outline
Identification and Authentication
Logical Access Control
Audit Trails
Cryptography
Identification and Authentication (I & A)
• For most systems, identification and authentication is often the first
line of defense.
• Identification is the means of verifying/indicating the identity of a
user, process, or device, typically as a prerequisite for granting access
to resources in a system.
• Authentication is the act/process of proving the identity of a
computer system user.
• Computer systems recognize people based on the authentication
data the systems receive.
Identification and Authentication (I & A)
• There are three means of authenticating a user's identity which can
be used alone or in combination:
• Something the individual knows (a secret- e.g., a password, Personal
Identification Number (PIN), or cryptographic key);
• Something the individual possesses (a token - e.g., an ATM card or a smart
card);
• Something the individual is (a biometric - e.g., such characteristics as a voice
pattern, iris, face, or a fingerprint).
I&A Based on Something the User Knows – Passwords
• Password systems work by requiring the user to enter a user ID and
password (or passphrase or personal identification number).
• The system compares the password to a previously stored password for that user ID.
• If there is a match, the user is authenticated and granted access.
• Benefits of passwords
• Many admins know how it works
• Integrated with many operating systems
• Problems of passwords
• Security depends on keeping passwords secret, and a password can easily be compromised by:
• Guessing passwords
• Giving passwords away
• Electronic monitoring
• Accessing the password file
I&A Based on Something the User Knows –
Passwords – Strengthening Passwords
• Use Password generators.
• Limits on log-in attempts.
• Password attributes
• Minimum length
• Special characters
• Numbers
• Capital and small letters
• Periodically Change Passwords
• Protection of the Password File
• Access control
• One-way encryption
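The one-way protection and log-in attempt limit described above, as an added example that is not code from the original slides; it uses PBKDF2-HMAC-SHA256 from the Python standard library, and the iteration count, record format and sample user are assumptions for the demonstration.

```python
"""One-way protection of a stored password file, with a log-in attempt limit.

Added example, not from the original slides. Each password is stored as a
salted PBKDF2-HMAC-SHA256 hash, so a copied password file forces an attacker
to guess and re-hash every candidate instead of reading passwords directly.
"""
import hashlib
import hmac
import secrets

ITERATIONS = 100_000      # work factor (assumed); raise it as hardware gets faster
MAX_ATTEMPTS = 5          # "limits on log-in attempts" from the slide (assumed value)


def hash_password(password: str, salt: bytes = None) -> str:
    """Return a storable record 'pbkdf2_sha256$iterations$salt$hash' (hex fields).

    A fresh random salt per user means two users with the same password get
    different records, and precomputed hash tables are useless."""
    salt = salt or secrets.token_bytes(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return "pbkdf2_sha256$%d$%s$%s" % (ITERATIONS, salt.hex(), digest.hex())


def verify_password(password: str, record: str) -> bool:
    """Recompute the hash with the stored salt and compare in constant time."""
    algo, iters, salt_hex, digest_hex = record.split("$")
    if algo != "pbkdf2_sha256":
        raise ValueError("unsupported password record format")
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(),
                                    bytes.fromhex(salt_hex), int(iters))
    return hmac.compare_digest(candidate, bytes.fromhex(digest_hex))


class PasswordFile:
    """Minimal in-memory password file with a per-user failed-attempt counter."""

    def __init__(self):
        self.records = {}     # user id -> hash record (never the password itself)
        self.failures = {}    # user id -> consecutive failed log-ins

    def add_user(self, user: str, password: str) -> None:
        self.records[user] = hash_password(password)
        self.failures[user] = 0

    def login(self, user: str, password: str) -> str:
        """Return 'ok', 'denied' or 'locked'.

        Unknown users still cost one hash computation so that response time
        does not reveal which user ids exist."""
        record = self.records.get(user)
        if record is None:
            hash_password(password)
            return "denied"
        if self.failures[user] >= MAX_ATTEMPTS:
            return "locked"
        if verify_password(password, record):
            self.failures[user] = 0
            return "ok"
        self.failures[user] += 1
        return "denied"


if __name__ == "__main__":
    pf = PasswordFile()
    pf.add_user("user1", "correct horse battery staple")   # constructed sample
    print(pf.login("user1", "wrong"), pf.login("user1", "correct horse battery staple"))
```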
I&A Based on Something the User Knows –
Cryptographic Keys
• Knowledge of the encryption keys is important for I&A
• Encryption keys are required to encrypt/decrypt information
• This might have to be used along with other I&A methods (because
you may need to have a PC or Smart Card to use the Keys)
I&A Based on Something the User Possesses
• This method can be applied alone or in combination with “something
the user knows”
• Combining this method with “something the user knows” results in
stronger security
• The object that the user possesses is called Token.
• Tokens may be categorized as
• Smart Tokens
• Memory Tokens
I&A Based on Something the User Possesses –
Memory Tokens
• Memory tokens store information
• They do not process information
• Special readers/writers are used to access or modify the information
• Magnetic strips are commonly used
• Examples: ATM cards, passive RFID cards, …
• Usually, such tokens are used in combination with a PIN
• Benefits
• Stronger authentication than passwords (when used with PIN)
• Easier for logging
• Problems
• Requires special readers
• Token loss
• Compromised PIN
I&A Based on Something the User Possesses –
Smart Tokens
• Improve memory tokens by including Integrated Circuits (Chips)
• A smart token requires a user also to provide something the user knows (i.e., a
PIN or password) in order to "unlock" the smart token for use.
• Types of smart tokens
• Based on Physical Characteristics
• Smart Card – similar to ATM card but has microprocessor
• Other Types of Tokens – different shapes (eg. Key fob, …)
• Based on Interface
• Manual – Have keys to enter PIN
• Electronic – automatically read by machine
• Protocol
• Static Password Exchange – same as memory tokens
• Dynamic password Generator – create a unique value regularly (eg. Every minute)
• Challenge-response protocol – computer generates a challenge and the token provides response
I&A Based on Something the User Possesses –
Smart Tokens
• Benefits
• One-Time Passwords (OTPs)
• Reduced Risk of Forgery
• Multi-application
• Problems
• Needs readers/writers or human intervention
• Readers/writers – cost
• Human intervention – user dissatisfaction
• Substantial Administration
I&A Based on Something the User IS
• Biometric authentication technologies use the unique characteristics (or attributes) of an individual to authenticate that person’s identity:
• Fingerprints
• Voice
• Face
• Iris (Retina)
• Enrolment of users by creating a reference profile is done before authentication
• Every time the user tries to authenticate, the biometric measurement is taken and is
compared against the reference profile
• Benefits
• Very secured as compared to other methods
• Problems
• Expensive
• Biometric attributes may change under different conditions (e.g., voice or fingerprint changes)
Implementation of I&A systems –
Administration
• I&A systems need to create, distribute, and store authentication data.
• For passwords - creating passwords, issuing them to users and maintaining a
password file.
• For Token systems - creation and distribution of tokens/PINs and data that tell the
computer how to recognize valid tokens/PINs.
• For Biometric systems - creating and storing profiles.
• Administration of authentication data is a critical element for all types of
authentication systems.
• I&A administrative tasks should address lost or stolen passwords or
tokens.
• The administrative overhead associated with I&A can be significant.
• Protecting password files (even from system administrators) is also an
admin task
Implementation of I&A systems – Maintaining
Authentication
• An unauthorized user may use another person’s (a legitimate user’s) logged-in session to access the system
• Different mechanisms must be in place to prevent this:
• Logout user after some idle time
• Lock screen after some idle time
Implementation of I&A systems – Single Sign
On (SSO)
• Single sign-on is an authentication scheme that allows a user to log in
with a single ID to any of several related, yet independent, software
systems.
• True single sign-on allows the user to log in once and access services without
re-entering authentication factors.
• If the systems that need authentication are on one host, use
access control lists for SSO.
• If the systems are on different hosts, use:
• Host-to-Host Authentication
• Authentication Server
• User-to-Host Authentication
Implementation of I&A systems – Single Sign
On (SSO) …
• Host-to-Host Authentication
• users authenticate themselves once to a host computer. That computer then authenticates
itself to other computers and assures for the specific user.
• can be done by passing a password, by a challenge-response mechanism, or by another one-time password scheme.
• Under this approach, it is necessary for the computers to recognize each other and to trust
each other.
• Authentication Server
• the users authenticate themselves to a special host computer (the authentication server).
This computer then authenticates the user to other host computers the user wants to access.
• The host computers need to trust the authentication server
• Example protocols: Kerberos, TACACS, RADIUS, DIAMETER, LDAP, …
• User-to-Host Authentication
• requires the user to log-in to each host computer.
• a smart token (such as a smart card) can contain all authentication data and perform that
service for the user.
• To users, it looks as though they were only authenticated once.
Logical Access Controls
• Logical access controls provide a technical means of controlling what
information users can utilize, the programs they can run, and the modifications
they can make.
• It is used to permit or deny access to a particular resource.
• Access is different from authorization and authentication
• Access = the ability to do something (eg. Modify or view) on a computer resource
• Authorization = permission to use a computer resource
• Authentication = proving that users are who they claim to be
• Access control is the means by which the ability is explicitly enabled or restricted
in some way (usually through physical and system-based controls).
• Computer-based access controls are called logical access controls.
• Logical access controls can prescribe not only who or what is to have access to a
specific system resource but also the type of access that is permitted.
Access Criteria
• Identity Based
• Based on identity of the user (most logical access controls are based on this)
• Individual, group or anonymous identities can be applied
• Role based
• Access to information may also be controlled by the job assignment or function
• Access rights are grouped by role names (eg. Data entry clerk, programmer, …)
• Different from shared or group account
• Location based
• Access to particular system resources may also be based upon physical or logical location.
• Time based
• Time-of-day or day-of-week restrictions are common limitations on access.
• Transaction based
• Access is dynamically granted by the system for specific transactions to reduce mischief
• Common access modes
• Read, Write, Execute, Delete, Create, Search
Access Policy
• Logical access controls are a technical means of implementing policy
decisions.
• The development of an access control policy requires balancing the interests of
• security
• operational requirements
• user-friendliness
• technical constraints
• Who should have what type of access is addressed by system-specific
policies (discussed as a management control); enforcing this policy through
technical means is an implementation issue and hence a technical control
Technical Implementation Mechanisms – Internal Access Controls
• Internal Access Controls are a logical means of separating what users (or user
groups) can or cannot do with system resources.
• Passwords
• Passwords are most often associated with user authentication.
• They are also used to protect data and applications on many systems
• Encryption
• Encrypted information can only be decrypted by those possessing the appropriate
cryptographic key.
• Specially very important for resources with limited physical security (eg. Laptops)
• Access Control Lists (ACLs)
• Is a list (or multiple lists) of
• users who have been given permission to use a particular system resource
• The type of access they have been permitted.
• ACLs vary considerably in their capability and flexibility.
Technical Implementation Mechanisms – Internal Access Controls …
• Constrained User Interfaces
• Restrict users' access to specific functions by never allowing them to request
the use of information, functions, or other specific system resources for which
they do not have access.
• Often used with ACLs
• Three major types exist:
• menus
• database views
• physically constrained user interfaces
• Security Labels
• Labels can be used for controlling access, specifying protective measures, or
indicating additional handling instructions.
Technical Implementation Mechanisms – External Access Controls
• External access controls are a means of controlling interactions between
the system and outside people, systems, and services.
• Port Protection Devices
• Fitted to a communications port of a host computer, a port protection device (PPD)
authorizes access to the port itself, prior to and independent of the computer's own
access control functions.
• Secure Gateways/Firewalls
• block or filter access between two networks, often between a private network and
public network, which attract malicious hackers.
• Can be combined with other functionalities (IPS/IDS, UTM., …)
• Host-Based Authentication
• Host-based authentication grants access based upon the identity of the host
originating the request, instead of the identity of the user making the request.
Administration of Access Controls
• Access Control Administration involves implementing, monitoring,
modifying, testing, and terminating user accesses on the system.
• There are three basic approaches to administering access controls:
centralized, decentralized, or Hybrid.
• Centralized Administration
• One user or office is responsible for administration of access controls
• Decentralized
• Access control is administered directly by the owners of the files or the systems
• Hybrid
• Combines both centralized and decentralized administration
• Central Administration = broadest and basic access
• Owners/creators = access to their files
Audit Trail
• An audit trail is a series of records of computer events, about an
operating system, an application, or user activities.
• A computer system may have several audit trails, each devoted to a
particular type of activity.
• Auditing is the review and analysis of management, operational, and
technical controls.
• The auditor can obtain valuable information about activity on a
computer system from the audit trail.
• Audit trails improve the auditability of the computer system.
Benefits and Objectives
• Audit trails can provide a means to help accomplish several security-related objectives.
• Individual Accountability
• The responsible person for an event can be identified from the audit trails
• Reconstruction of Events
• By combining multiple audit trails from different systems, the admins may reconstruct
the event that led to security breach
• Intrusion Detection
• Intrusion can be detected by careful analysis of audit trails
• Problem Analysis
• The logged information in the audit trail may indicate the cause of a problem
Audit Trails and Logs
• A system can maintain several different audit trails concurrently. Two
kinds of information are logged
• An event-oriented log
• A record of every keystroke
• Event-based logs usually contain records describing system events,
application events, or user events.
• Audit trails must collect sufficient records required for auditing
• Too many records = resource wastage (storage, processing, …)
• Too few records = not sufficient for the required auditing
Audit Trails and Logs …
• Keystroke monitoring
• Keystroke monitoring is the process used to view or record both the keystrokes
entered by a computer user and the computer's response during an interactive
session.
• Examples of keystroke monitoring would include viewing characters as they are
typed by users, reading users' electronic mail, and viewing other recorded
information typed by users.
• Audit Events
• System audit records are generally used to monitor and fine-tune system
performance.
• Application audit trails may be used to discern flaws in applications, or violations of
security policy committed within an application.
• User audits records are generally used to hold individuals accountable for their
actions.
• An analysis of user audit records may expose a variety of security violations
Audit Trails and Logs – Different log files
Secure Communication
Needs and Requirements
• Secrecy
• Only intended receiver understands the message
• Authentication
• Sender and receiver need to confirm each other's identity
• Message Integrity
• Ensure that their communication has not been altered, either maliciously or
by accident during transmission
Cryptography
Basics
• Cryptography is the science of secret, or hidden writing
• It has two main Components:
• Encryption
• Practice of hiding messages so that they can not be read by anyone other
than the intended recipient
• Authentication & Integrity
• Ensuring that users of data/resources are the persons they claim to be
and that a message has not been surreptitiously altered
Encryption
Cipher
• A cipher is a method for encrypting messages
Diagram: Plain Text → Encryption Algorithm (Key A) → Cipher Text → Decryption Algorithm (Key B) → Plain Text
• Encryption algorithms are standardized & published
• The key, which is an input to the algorithm, is secret
• A key is a string of numbers or characters
• If the same key is used for encryption & decryption, the algorithm is called symmetric
• If different keys are used for encryption & decryption, the algorithm is called asymmetric
Encryption
Symmetric Algorithms
• Algorithms in which the key for encryption and decryption are the same are symmetric
• Example: Caesar Cipher
• Types:
1. Block Ciphers
– Encrypt data one block at a time (typically 64 bits or 128 bits)
– Used for a single message
2. Stream Ciphers
– Encrypt data one bit or one byte at a time
– Used if data is a constant stream of information
Symmetric Encryption
Key Strength
• The strength of an algorithm is determined by the size of the key
• Key length is expressed in bits
• Typical key sizes vary between 48 bits and 448 bits
• The set of possible keys for a cipher is called the key space
• The longer the key, the more difficult it is to crack
• For a 40-bit key there are 2^40 possible keys
• For a 128-bit key there are 2^128 possible keys
• Each additional bit added to the key length doubles the security
• To crack the key the hacker has to use brute force (i.e. try all the possible keys till a key that works is found)
• Supercomputers can crack a 56-bit key in 24 hours
• It will take 2^72 times longer to crack a 128-bit key (longer than the age of the universe)
Substitution Ciphers
Caesar Cipher
• The Caesar Cipher is a method in which each letter in the alphabet is rotated by a fixed number of letters, as shown (key 3):
ABCDEFGHIJKLMNOPQRSTUVWXYZ
DEFGHIJKLMNOPQRSTUVWXYZABC
Substitution Ciphers
Caesar Cipher
Encryption: Plain Text “Attack at Dawn” → Caesar Cipher Algorithm, Key (3) → Cipher Text “Dwwdfn Dw Gdyq”
Decryption: Cipher Text “Dwwdfn Dw Gdyq” → Caesar Cipher Algorithm, Key (3) → Plain Text “Attack at Dawn”
Substitution Cipher
Monoalphabetic Cipher
• Any letter can be substituted for any other letter
• Each letter has to have a unique substitute
ABCDEFGHIJKLMNOPQRSTUVWXYZ
MNBVCXZASDFGHJKLPOIUYTREWQ
• There are 26! pairings of letters (~10^26)
• A brute-force approach would be too time consuming
• Statistical analysis would make it feasible to crack the key
Example: Message “Bob, I love you. Alice” → Monoalphabetic Cipher, Key → Encrypted Message “Nkn, s gktc wky. mgsbc”
Substitution Cipher
Polyalphabetic Caesar Cipher
• Uses a sequence of monoalphabetic ciphers in tandem
• e.g. C1, C2, C2, C1, C2
Plain Text: ABCDEFGHIJKLMNOPQRSTUVWXYZ
C1 (k=6):   FGHIJKLMNOPQRSTUVWXYZABCDE
C2 (k=20):  TUVWXYZABCDEFGHIJKLMNOPQRS
Example: Message “Bob, I love you. Alice” → Polyalphabetic Cipher, Key → Encrypted Message “Gnu, n etox dhz. tenvj”
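The three substitution ciphers of the preceding slides (Caesar, monoalphabetic with the key row shown above, and the polyalphabetic C1/C2 sequence) in one added example; this is not code from the original slides, and it assumes that non-letter characters pass through unchanged and do not advance the polyalphabetic key sequence, which is what reproduces the slide's worked example.

```python
"""Substitution ciphers from the slides: Caesar, monoalphabetic, polyalphabetic.

Added example, not from the original slides. Letter case is preserved;
characters outside A..Z are copied unchanged and (for the polyalphabetic
cipher) do not advance the key sequence.
"""
import string

ALPHA = string.ascii_uppercase

# The slide's monoalphabetic key: plaintext A..Z maps onto this row.
MONO_KEY = "MNBVCXZASDFGHJKLPOIUYTREWQ"


def shifted_alphabet(shift: int) -> str:
    """Cipher alphabet for a rotation by `shift` places (shift 5 gives A -> F)."""
    shift %= 26
    return ALPHA[shift:] + ALPHA[:shift]


def invert_alphabet(cipher_alphabet: str) -> str:
    """Decryption alphabet: the inverse permutation of `cipher_alphabet`."""
    if sorted(cipher_alphabet) != list(ALPHA):
        raise ValueError("cipher alphabet must be a permutation of A..Z")
    inverse = [""] * 26
    for plain, ciph in zip(ALPHA, cipher_alphabet):
        inverse[ALPHA.index(ciph)] = plain
    return "".join(inverse)


def substitute(text: str, cipher_alphabet: str) -> str:
    """Apply one fixed substitution alphabet, preserving letter case."""
    out = []
    for ch in text:
        if ch.upper() in ALPHA:
            mapped = cipher_alphabet[ALPHA.index(ch.upper())]
            out.append(mapped if ch.isupper() else mapped.lower())
        else:
            out.append(ch)
    return "".join(out)


def caesar(text: str, key: int, decrypt: bool = False) -> str:
    """Caesar cipher: every letter rotated by `key` places (the slide uses 3)."""
    return substitute(text, shifted_alphabet(-key if decrypt else key))


def mono_encrypt(text: str) -> str:
    return substitute(text, MONO_KEY)


def mono_decrypt(text: str) -> str:
    return substitute(text, invert_alphabet(MONO_KEY))


def polyalphabetic(text: str, shifts, pattern, decrypt: bool = False) -> str:
    """Caesar ciphers C1, C2, ... (one per entry of `shifts`) applied in the
    order given by `pattern`, which indexes into `shifts` and advances by one
    for every letter processed. The slide's C1 (A -> F) is shift 5 and its
    C2 (A -> T) is shift 19."""
    alphabets = [shifted_alphabet(-s if decrypt else s) for s in shifts]
    out, i = [], 0
    for ch in text:
        if ch.upper() in ALPHA:
            out.append(substitute(ch, alphabets[pattern[i % len(pattern)]]))
            i += 1
        else:
            out.append(ch)
    return "".join(out)


if __name__ == "__main__":
    print(caesar("Attack at Dawn", 3))
    print(mono_encrypt("Bob, I love you. Alice"))
    # pattern C1, C2, C2, C1, C2 as on the slide
    print(polyalphabetic("Bob, I love you. Alice", (5, 19), (0, 1, 1, 0, 1)))
```

Running it gives “Dwwdfn dw Gdzq” and “Ghu, N etox dhz. Tenvj”: the slide’s “Gdyq” and “Gnu” each differ in one letter from the computed result (w rotated by 3 is z, and o under C2 is h), so they appear to be typos on the slides.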
Transposition Cipher
• Columnar Transposition
• This involves rearrangement of the characters of the plain text into columns
• How it works
• Arrange the text in columns. The number of columns is determined by the number of letters in the keyword
• The cipher text is formed by collecting the letters in the columns. The order in which the columns are collected is determined by the alphabetical order of the letters in the key
EXAMPLE:
• Plain Text = “THIS IS PLAIN TEXT”
• Keyword = HEMAN, Length of Keyword = 5, Alphabetical Order = 32415
• Spaces are written as “-” and the last row is padded with Z
H E M A N
3 2 4 1 5
T H I S -
I S - P L
A I N - T
E X T Z Z
Cipher Text (columns collected in the order A, E, H, M, N): SP-Z HSIX TIAE I-NT -LTZ, i.e. “SP Z HSIXTIAEI NT LTZ”
Transposition Cipher
Columnar Transposition
• Decryption
EXAMPLE:
• Cipher Text = “SP ZHSIXTIAEI NT LTZ”
• Keyword = HEMAN, Length of Keyword = 5, Alphabetical Order = 32415
• The cipher text has 20 characters and the keyword 5 letters, so the grid has 4 rows
• Split the cipher text into 4-character groups (SP-Z, HSIX, TIAE, I-NT, -LTZ) and write each group down the column whose key letter comes next alphabetically: first A (column 4), then E (column 2), H (column 1), M (column 3) and N (column 5)
H E M A N
3 2 4 1 5
T H I S -
I S - P L
A I N - T
E X T Z Z
• Reading the rows gives the Plain Text: THIS IS PLAIN TEXT
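Columnar transposition with the HEMAN keyword as an added example (not code from the original slides); it keeps spaces as grid cells and pads the last row with Z, as the slide's worked example does.

```python
"""Columnar transposition cipher with a keyword, as in the slide's HEMAN example.

Added example, not from the original slides. Spaces in the plain text are
kept as ordinary grid cells (the slide draws them as '-') and the last row is
padded with PAD characters, exactly as in the slide's worked example.
"""
PAD = "Z"


def column_order(keyword: str) -> list:
    """Column indexes in alphabetical order of their key letters.

    HEMAN has ranks 3 2 4 1 5, so the columns are collected as A, E, H, M, N,
    i.e. indexes [3, 1, 0, 2, 4]. Repeated letters are ordered left to right."""
    return sorted(range(len(keyword)), key=lambda i: (keyword[i], i))


def encrypt(plaintext: str, keyword: str) -> str:
    """Write the text row by row under the keyword, then read column by column."""
    width = len(keyword)
    padded = plaintext + PAD * (-len(plaintext) % width)
    rows = [padded[i:i + width] for i in range(0, len(padded), width)]
    return "".join(row[col] for col in column_order(keyword) for row in rows)


def decrypt(ciphertext: str, keyword: str) -> str:
    """Refill the columns in collection order, then read the grid row by row.

    Trailing PAD characters are stripped, so a plain text that itself ends in
    'Z' would lose that letter; a real scheme would carry the length instead."""
    width = len(keyword)
    if len(ciphertext) % width:
        raise ValueError("ciphertext length must be a multiple of the keyword length")
    height = len(ciphertext) // width
    grid = [[""] * width for _ in range(height)]
    for k, col in enumerate(column_order(keyword)):
        chunk = ciphertext[k * height:(k + 1) * height]
        for r, ch in enumerate(chunk):
            grid[r][col] = ch
    return "".join("".join(row) for row in grid).rstrip(PAD)


if __name__ == "__main__":
    c = encrypt("THIS IS PLAIN TEXT", "HEMAN")
    print(repr(c))                      # 'SP ZHSIXTIAEI NT LTZ' as on the slide
    print(decrypt(c, "HEMAN"))          # THIS IS PLAIN TEXT
```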
Ciphers
Shannon’s Characteristics of “Good” Ciphers
• The amount of secrecy needed should determine the amount of
labor appropriate for the encryption and decryption.
• The set of keys and the enciphering algorithm should be free from
complexity.
• The implementation of the process should be as simple as possible.
• Errors in ciphering should not propagate and cause corruption of
further information in the message.
• The size of the enciphered text should be no larger than the text of
the original message.
Cryptanalysis
• Techniques
• Cryptanalysis is the process of breaking an encryption code
• Tedious and difficult process
• Several techniques can be used to deduce the algorithm:
• Attempt to recognize patterns in encrypted messages, to be able to break subsequent ones by applying a straightforward decryption algorithm
• Attempt to infer some meaning without even breaking the encryption, such as noticing an unusual frequency of communication or determining something by whether the communication was short or long
• Attempt to deduce the key, in order to break subsequent messages easily
• Attempt to find weaknesses in the implementation or environment of use of encryption
• Attempt to find general weaknesses in an encryption algorithm, without necessarily having intercepted any messages
Data Encryption Standard (DES) Basics
• The goal of DES is to completely scramble the data and key so that every bit of cipher text depends on every bit of data and every bit of key
• DES is a block cipher algorithm
• Encodes plaintext in 64-bit chunks
• One parity bit for each of the 8 key bytes, so the effective key reduces to 56 bits
• It is the most used algorithm
• Standard approved by the US National Bureau of Standards for commercial and nonclassified US government use in 1993
Data Encryption Standard (DES) Basics
Diagram: a 64-bit input is split into halves L1 and R1; each of the 16 rounds computes F(Li, Ri, Ki) with a 48-bit round key Ki (k1 … k16) derived from the 56-bit key and produces Li+1, Ri+1, ending with L17, R17
• DES consists of two permutation steps (the first and last steps of the algorithm)
• The operation of each round is identical, taking the output of the previous round as input
• During each round, the rightmost 32 bits of the input are moved to the leftmost 32 bits of the output
• The entire 64-bit input to the ith round and the 48-bit key for the ith round are taken as input to a function
• The function involves expansion of 4-bit chunks into 6-bit chunks, exclusive-ORing with the expanded 6-bit chunks of the 48-bit key Ki, a substitution operation, and further exclusive-ORing with the leftmost 32 bits of the input
• The resulting 32 bits of output of the function are then used as the rightmost 32 bits of the round’s 64-bit output
• DES is run in reverse to decrypt
• Cracking DES
• 1997: 140 days
• 1999: 14 hours
• TripleDES uses DES 3 times in tandem
• Output from one DES is input to the next DES
Encryption Algorithm
Summary
Algorithm | Type          | Key Size                         | Features
DES       | Block Cipher  | 56 bits                          | Most common, not strong enough
TripleDES | Block Cipher  | 168 bits (112 effective)         | Modification of DES, adequate security
Blowfish  | Block Cipher  | Variable (up to 448 bits)        | Excellent security
AES       | Block Cipher  | Variable (128, 192, or 256 bits) | Replacement for DES, excellent security
RC4       | Stream Cipher | Variable (40 or 128 bits)        | Fast stream cipher, used in most SSL implementations
Symmetric Encryption
Limitations
• Any exposure of the secret key compromises the secrecy of the ciphertext
• A key needs to be delivered to the recipient of the coded message for it to be deciphered
• Potential for an eavesdropping attack during transmission of the key
Asymmetric Encryption
Basics
• Uses a pair of keys for encryption
• Public key for encryption
• Private key for decryption
• Messages encoded using the public key can only be decoded by the private key
• Secret transmission of the key for decryption is not required
• Every entity can generate a key pair and release its public key
Diagram: Plain Text → Cipher (Public Key) → Cipher Text → Cipher (Private Key) → Plain Text
Asymmetric Encryption
Types
• The two most popular algorithms are RSA & El Gamal
• RSA
• Developed by Ron Rivest, Adi Shamir, Len Adleman
• Both public and private key are interchangeable
• Variable key size (512, 1024, or 2048 bits)
• Most popular public key algorithm
• El Gamal
• Developed by Taher ElGamal
• Variable key size (512 or 1024 bits)
• Less common than RSA, used in protocols like PGP
Asymmetric Encryption
RSA
• Choose two large prime numbers p & q
• Compute n = pq and z = (p-1)(q-1)
• Choose a number e, less than n, which has no common factor (other than 1) with z
• Find a number d, such that ed - 1 is exactly divisible by z
• Keys are generated using n, d, e
• Public key is (n, e)
• Private key is (n, d)
• Encryption: c = m^e mod n
• m is plain text
• c is cipher text
• Decryption: m = c^d mod n
• The public key is shared and the private key is hidden
Asymmetric Encryption
RSA Example
• p=5 & q=7
• n=5*7=35 and z=(4)*(6)=24
• e=5
• d=29, (29x5 - 1) is exactly divisible by 24
• Keys generated are
• Public key: (35, 5)
• Private key: (35, 29)
• Encrypt the word love using c = m^e mod n
• Assume that the letters of the alphabet are numbered 1 to 26
Plain Text | Numeric Representation | m^e     | Cipher Text (c = m^e mod n)
l          | 12                     | 248832  | 17
o          | 15                     | 759375  | 15
v          | 22                     | 5153632 | 22
e          | 5                      | 3125    | 10
Asymmetric Encryption
RSA
Decrypt the word love using m = c^d mod n
• n = 35, d = 29
Cipher Text | c^d                                     | m = c^d mod n | Plain Text
17          | 481968572106750915091411825223072000    | 12            | l
15          | 12783403948858939111232757568359400     | 15            | o
22          | 852643319086537701956194499721110000000 | 22            | v
10          | 100000000000000000000000000000          | 5             | e
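The RSA recipe and the p=5, q=7, e=5 worked example above, carried through in code as an added example (not code from the original slides); the letter numbering a=1 … z=26 is the slide's assumption, and the function names are this example's own.

```python
"""Textbook RSA with the slide's toy parameters (p=5, q=7, e=5).

Added example, not from the original slides. Letters are numbered a=1 … z=26
as the slide assumes. These tiny numbers only illustrate the arithmetic:
n=35 is trivially factorable and gives no security.
"""
from math import gcd


def make_keys(p: int, q: int, e: int):
    """Follow the slide's recipe and return ((n, e), (n, d))."""
    n = p * q
    z = (p - 1) * (q - 1)
    if not 1 < e < n or gcd(e, z) != 1:
        raise ValueError("e must be less than n and share no factor with z")
    d = pow(e, -1, z)        # smallest d with e*d - 1 divisible by z (Python 3.8+)
    return (n, e), (n, d)


def is_valid_private_exponent(e: int, d: int, p: int, q: int) -> bool:
    """The slide's condition: e*d - 1 is exactly divisible by z.

    Every d congruent to the smallest one modulo z satisfies it, which is why
    the slide's d = 29 and the d = 5 that make_keys returns both work for z = 24."""
    z = (p - 1) * (q - 1)
    return (e * d - 1) % z == 0


def letter_to_num(ch: str) -> int:
    return ord(ch.lower()) - ord("a") + 1


def num_to_letter(m: int) -> str:
    return chr(m - 1 + ord("a"))


def encrypt_word(word: str, public_key) -> list:
    """c = m^e mod n for each letter; every block must be smaller than n."""
    n, e = public_key
    blocks = [letter_to_num(ch) for ch in word]
    if any(not 0 < m < n for m in blocks):
        raise ValueError("message block must be smaller than n")
    return [pow(m, e, n) for m in blocks]


def decrypt_word(blocks: list, private_key) -> str:
    """m = c^d mod n for each block, mapped back to a letter."""
    n, d = private_key
    return "".join(num_to_letter(pow(c, d, n)) for c in blocks)


if __name__ == "__main__":
    public, private = make_keys(5, 7, 5)
    cipher = encrypt_word("love", public)            # [17, 15, 22, 10] as on the slide
    print(cipher, decrypt_word(cipher, (35, 29)))    # decrypt with the slide's d = 29
    # Note that 'o' (15) and 'v' (22) encrypt to themselves: with a modulus this
    # small many messages are fixed points, one more reason toy parameters are unsafe.
```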
Asymmetric Encryption
Weaknesses
• Efficiency is lower than symmetric algorithms
• A 1024-bit asymmetric key is equivalent to a 128-bit symmetric key
• Potential for man-in-the-middle attack
• It is problematic to get the key pair generated for the encryption
Asymmetric Encryption
• Man-in-the-middle Attack
• A hacker could generate a key pair, give the public key away and tell everybody that it belongs to somebody else. Now everyone believing it will use this key for encryption, resulting in the hacker being able to read the messages. If he encrypts the messages again with the public key of the real recipient, he will not be recognized easily.
Diagram: Bob, Trudeau (the middle-man, i.e. the attacker) and David. Bob encrypts his message with the public key he believes is David’s, which is really Trudeau’s; Trudeau decrypts it, encrypts a new message with David’s public key and passes it on. David’s reply is encrypted with the key Trudeau passed off as Bob’s, and Trudeau re-encrypts it with Bob’s real public key, so neither Bob nor David notices.
Asymmetric Encryption
Session-Key Encryption
• Used to improve efficiency
• A symmetric key is used for encrypting the data
• An asymmetric key is used for encrypting the symmetric key
Diagram: Plain Text → Cipher (DES) with Session Key → Cipher Text, sent to recipient; Session Key → Cipher (RSA) with Recipient’s Public Key → Encrypted Key, sent to recipient
Asymmetric Encryption
• Encryption Protocols
• Pretty Good Privacy (PGP)
• Used to encrypt e-mail using session key encryption
• Combines RSA, TripleDES, and other algorithms
• Secure/Multipurpose Internet Mail Extension (S/MIME)
• Newer algorithm for securing e-mail
• Backed by Microsoft, RSA, AOL
• Secure Socket Layer (SSL) and Transport Layer Security (TLS)
• Used for securing TCP/IP traffic
• Mainly designed for web use
• Can be used for any kind of internet traffic
Asymmetric Encryption
Key Agreement
• Key agreement is a method to create a secret key by exchanging only public keys.
• Example
• Bob sends Alice his public key
• Alice sends Bob her public key
• Bob uses Alice’s public key and his private key to generate a session key
• Alice uses Bob’s public key and her private key to generate a session key
• Using a key agreement algorithm both will generate the same key
• Bob and Alice do not need to transfer any key
Diagram: (Alice’s Private Key + Bob’s Public Key) → Cipher (DES) and (Bob’s Private Key + Alice’s Public Key) → Cipher (DES) → Session Key; Alice and Bob generate the same session key!
Asymmetric Encryption
Key Agreement – Diffie-Hellman Mathematical Analysis
Bob & Alice agree on a non-secret prime p and value a
Bob                                | Alice
Generate secret random number x    | Generate secret random number y
Compute public key a^x mod p       | Compute public key a^y mod p
Bob & Alice exchange public keys
Compute session key (a^y)^x mod p  | Compute session key (a^x)^y mod p
Identical secret key
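The exchange of the analysis above, run on both sides, as an added example that is not code from the original slides; p=23 and a=5 are constructed toy parameters, and the range check on received public values is this example's addition.

```python
"""Diffie-Hellman key agreement following the slide's mathematical analysis.

Added example, not from the original slides. p (a prime) and a (the base)
are public; x and y are Bob's and Alice's secret random numbers. The values
p=23, a=5 are constructed for the demonstration only; real deployments use
standardized groups of 2048 bits or more.
"""
import secrets


def public_value(a: int, secret: int, p: int) -> int:
    """a^x mod p: the value each party sends in the clear."""
    return pow(a, secret, p)


def check_public_value(value: int, p: int) -> None:
    """Reject the trivial public values 0, 1 and p-1, which would force the
    resulting session key into a tiny set whatever the other secret is."""
    if not 1 < value < p - 1:
        raise ValueError("invalid Diffie-Hellman public value")


def session_key(peer_public: int, secret: int, p: int) -> int:
    """(a^y)^x mod p on Bob's side, (a^x)^y mod p on Alice's side."""
    check_public_value(peer_public, p)
    return pow(peer_public, secret, p)


def random_secret(a: int, p: int) -> int:
    """Draw a secret in [1, p-2] whose public value passes check_public_value."""
    while True:
        s = secrets.randbelow(p - 2) + 1
        if 1 < public_value(a, s, p) < p - 1:
            return s


def key_agreement(p: int, a: int, x: int = None, y: int = None) -> dict:
    """Run both sides of the exchange; secrets are drawn at random unless given."""
    x = x if x is not None else random_secret(a, p)   # Bob's secret
    y = y if y is not None else random_secret(a, p)   # Alice's secret
    bob_pub = public_value(a, x, p)
    alice_pub = public_value(a, y, p)
    return {
        "bob_public": bob_pub,
        "alice_public": alice_pub,
        "bob_key": session_key(alice_pub, x, p),     # Bob never learns y
        "alice_key": session_key(bob_pub, y, p),     # Alice never learns x
    }


if __name__ == "__main__":
    print(key_agreement(23, 5, x=6, y=15))   # both keys come out as 2
```

The arithmetic alone authenticates neither side: an intermediary who replaces the exchanged public values can agree a separate key with each party, so deployed protocols bind the public values to identities with the signatures and certificates covered later in the chapter.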
Asymmetric Encryption
Key Agreement con’t.
• Diffie-Hellman is the first key agreement algorithm
• Invented by Whitfield Diffie & Martin Hellman
• Provided the ability for messages to be exchanged securely without having to have shared some secret information previously
• Inception of public key cryptography, which allowed keys to be exchanged in the open
• No exchange of secret keys
• Man-in-the-middle attack avoided
Authentication
Basics
• Authentication is the process of validating the identity of a user or the integrity of a piece of data.
• There are three technologies that provide authentication
• Message Digests / Message Authentication Codes
• Digital Signatures
• Public Key Infrastructure
Authentication
Message Digests
• A message digest is a fingerprint for a document
• The purpose of the message digest is to provide proof that data has not been altered
• The process of generating a message digest from data is called hashing
• Hash functions are one-way functions with the following properties
• Infeasible to reverse the function
• Infeasible to construct two messages which hash to the same digest
• Commonly used hash algorithms are
• MD5 – 128-bit hashing algorithm by Ron Rivest of RSA
• SHA & SHA-1 – 162-bit hashing algorithm developed by NIST
Diagram: Message → Message Digest Algorithm → Digest
Message Authentication Codes
Basics
• A message digest created with a key
• Creates security by requiring a secret key to be possessed by both parties in order to retrieve the message
Diagram: Message + Secret Key → Message Digest Algorithm → Digest
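The difference between the plain message digest and the keyed digest (MAC) of the two preceding slides, as an added example that is not code from the original slides; it uses SHA-256 and HMAC from the Python standard library, and the key and messages are constructed samples.

```python
"""Message digest versus message authentication code (MAC).

Added example, not from the original slides. SHA-256 is the digest algorithm
and HMAC-SHA256 the keyed digest; the key and messages are constructed samples.
"""
import hashlib
import hmac


def digest(message: bytes) -> str:
    """Plain message digest (fingerprint): anyone can recompute it."""
    return hashlib.sha256(message).hexdigest()


def mac(key: bytes, message: bytes) -> str:
    """Digest created with a key: only holders of the key can produce it."""
    return hmac.new(key, message, hashlib.sha256).hexdigest()


def verify_mac(key: bytes, message: bytes, tag: str) -> bool:
    """Constant-time comparison, so the check does not leak how many leading
    characters of a forged tag happened to be right."""
    return hmac.compare_digest(mac(key, message), tag)


def receiver_accepts_digest(message: bytes, received_digest: str) -> bool:
    """A receiver relying on a bare digest can only check that it matches."""
    return digest(message) == received_digest


def tamper_demo(key: bytes) -> dict:
    """Show why a bare digest proves integrity but not origin.

    An attacker who alters the message in transit can simply recompute the
    digest, and the receiver accepts it. The same attacker cannot produce a
    valid MAC for the altered message without the shared key."""
    original = b"Transfer 100 birr to account 42"    # constructed sample message
    altered = b"Transfer 900 birr to account 42"     # attacker's modification
    tag = mac(key, original)
    return {
        "digest_accepts_forgery": receiver_accepts_digest(altered, digest(altered)),
        "mac_accepts_forgery": verify_mac(key, altered, tag),
        "mac_accepts_original": verify_mac(key, original, tag),
    }


if __name__ == "__main__":
    print(tamper_demo(b"shared secret key"))
    # {'digest_accepts_forgery': True, 'mac_accepts_forgery': False, 'mac_accepts_original': True}
```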
Authentication
Digital Signatures
• A digital signature is a data item which accompanies or is logically associated with a digitally encoded message.
• It has two goals
• A guarantee of the source of the data
• Proof that the data has not been tampered with
Diagram (Sender): Message → Digest Algorithm → Message Digest → Signature Algorithm with Sender’s Private Key → Digital Signature; the Message and the Digital Signature are sent to the receiver
Diagram (Receiver): received Message → Digest Algorithm → Message Digest; Digital Signature → Signature Algorithm with Sender’s Public Key → Message Digest; Same?
Authentication
Digital Certificates
• A digital certificate is a signed statement by a trusted party that another party’s public key belongs to them.
• This allows one certificate authority to be authorized by a different authority (root CA)
• The top-level certificate must be self-signed
• Anyone can start a certificate authority
• Name recognition is key to someone recognizing a certificate authority
• Verisign is the industry standard certificate authority
Diagram: Identity Information + Sender’s Public Key → Signature Algorithm with Certificate Authority’s Private Key → Certificate
Authentication
Certificate Chaining
• Chaining is the practice of signing a certificate with another private key that has a certificate for its public key
• Similar to a passport having the seal of the government
• A certificate is essentially a person’s public key & some identifying information signed by an authority’s private key verifying the person’s identity
• The authority’s public key can be used to decipher the certificate
• The trusted party is called the certificate authority
Diagram: Certificate → Signature Algorithm with Certificate Authority’s Private Key → New Certificate
Reading Assignment
• Public Key Infrastructure (PKI)