Computer Networks
Ivan Marsic, Rutgers University

Chapter 7 – Network Security
Chapter 8 – Network Monitoring
Chapter 9 – Internet Protocols
APPENDIX: Probability Refresher

Network Security (Chapter 7)

Topics: Network Security Problem; Symmetric and Public-Key Cryptosystems; Cryptographic Algorithms; Authentication

Topic: Secure Communication

Network Security Problem: Secure/Confidential Communication
(Figure: the Sender places the message content in a box secured with a padlock and sends it through an Intermediary to the Receiver; Sender and Receiver each hold a copy of the shared key.)

Sender needs to:
• receive securely a copy of the shared key
• positively identify the message receiver

Receiver needs to:
• receive securely a copy of the shared key
• positively identify the message sender
• detect any tampering with messages

Threats posed by an intruder/adversary acting as the intermediary:
• forge the key and view the content
• damage/substitute the padlock
• damage/destroy the message
• observe characteristics of messages (statistical and/or metric properties)

Objectives of Information Security
• Confidentiality: information is not disclosed or revealed to unauthorized persons
• Integrity: consistency of data, i.e., preventing unauthorized creation, modification, or destruction
• Availability: legitimate users are not unduly denied access to resources, including information resources, computing resources, and communication resources
• Authorized use: resources are not used by unauthorized persons or in unauthorized ways

Message Encoding and Decoding
• Encoding takes a message M and produces a coded form f(M)
• Decoding the message requires an inverse function f^{-1}, such that f^{-1}(f(M)) = M

Two Basic Types of Cryptosystems
• Symmetric systems: both parties use the same (secret) key in the encryption and decryption transformations
• Public-key systems (aka asymmetric systems): the parties use two related keys, one of which is secret while the other can be publicly disclosed

Public-Key Cryptosystem (padlock analogy with two padlocks)
1. Sender secures the briefcase with his/her padlock and sends it
2. Receiver additionally secures the briefcase with his/her padlock and returns it
3. Sender removes his/her padlock and sends the briefcase again
4. Receiver removes his/her padlock to access the content

Public-Key Cryptosystem – modified (one padlock)
• "Public key": the Receiver distributes his/her padlock (unlocked) to the Sender ahead of time, but keeps the key to it (the "private key")
• The Sender uses the Receiver's padlock to secure the briefcase and sends it
• The Receiver removes his/her padlock with the key to access the content

Public-Key Cryptography (RSA)
In RSA, the receiver does the following:
• Randomly select two large prime numbers p and q, which must always be kept secret.
• Select an integer E, known as the public exponent, such that (p − 1) and E have no common divisors, and (q − 1) and E have no common divisors.
• Determine the product n = pq, known as the public modulus.
• Determine the private exponent D such that (ED − 1) is exactly divisible by both (p − 1) and (q − 1). In other words, given E, choose D such that the integer remainder when ED is divided by (p − 1)(q − 1) is 1.
• Release publicly the public key, which is the pair of numbers n and E: K = (n, E). Keep secret the private key K = (n, D).

Example: send the plaintext "hello world"
• the receiver chooses p = 5 and q = 7
• the receiver chooses E = 5, because 5 and (5 − 1)(7 − 1) = 24 have no common factors. Also, n = pq = 35
• the receiver chooses D = 29, because (ED − 1) / ((p − 1)(q − 1)) = (5·29 − 1) / (4·6) = 144 / 24 = 6, i.e., they are exactly divisible
• the receiver's public key is K = (n, E) = (35, 5), which is made public. The private key K = (n, D) = (35, 29) is kept secret.
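The RSA key-generation steps above, carried through with the slides' toy parameters p = 5, q = 7, E = 5, D = 29, as an added example (not code from the slides). The encoding a = 1, b = 2, … matches the slides' letter numbering (h = 8, e = 5, l = 12, o = 15); the helper names are my own. The last function goes beyond the slides: it shows why p and q must be large by recovering a valid D from (n, E) alone when n is small enough to factor by trial division.

```python
from math import gcd


def check_public_exponent(p, q, e):
    """Slide condition: E shares no common divisor with (p - 1) or (q - 1)."""
    return gcd(e, p - 1) == 1 and gcd(e, q - 1) == 1


def private_exponent(p, q, e, d=None):
    """Return a private exponent D with E*D - 1 exactly divisible by (p-1)(q-1).

    If D is supplied (the slides pick D = 29) it is verified; otherwise the
    smallest valid D, the modular inverse of E, is computed.
    """
    phi = (p - 1) * (q - 1)
    if not check_public_exponent(p, q, e):
        raise ValueError("E must be coprime with (p - 1) and (q - 1)")
    if d is None:
        d = pow(e, -1, phi)          # modular inverse (Python 3.8+)
    if (e * d - 1) % phi != 0:
        raise ValueError("E*D - 1 is not divisible by (p - 1)(q - 1)")
    return d


def letter_to_number(ch):
    """Slide encoding: a = 1, b = 2, ..., z = 26."""
    return ord(ch) - ord("a") + 1


def number_to_letter(num):
    return chr(num - 1 + ord("a"))


def encrypt(plaintext, n, e):
    """Ciphertext C = B^E mod n for each letter's number B (each B must be < n)."""
    blocks = [letter_to_number(ch) for ch in plaintext]
    if any(b >= n for b in blocks):
        raise ValueError("every plaintext block must be smaller than n")
    return [pow(b, e, n) for b in blocks]


def decrypt(ciphertext, n, d):
    """Plaintext B = C^D mod n, converted back to letters."""
    return "".join(number_to_letter(pow(c, d, n)) for c in ciphertext)


def recover_private_exponent(n, e):
    """Why p and q must be large: a toy modulus is factored by trial division,
    which gives (p - 1)(q - 1) and hence a valid D from the public key alone."""
    for p in range(2, int(n ** 0.5) + 1):
        if n % p == 0:
            return private_exponent(p, n // p, e)
    raise ValueError("n has no small factor")


if __name__ == "__main__":
    p, q, e = 5, 7, 5                   # the slides' toy parameters
    n = p * q
    d = private_exponent(p, q, e, 29)   # verifies the slides' D = 29
    c = encrypt("hello", n, e)
    print("public key", (n, e), "private key", (n, d))
    print("ciphertext", c)              # [8, 10, 17, 17, 15], as in the slides' table
    print("decrypted", decrypt(c, n, d))
    print("D recovered from (n, E) only:", recover_private_exponent(n, e))
```

Note that pow(5, -1, 24) returns 5, not 29: both satisfy the divisibility condition (29 = 5 + 24), so the slides' choice is one of several valid private exponents.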
Example, cont'd: Encryption (C = B^E mod n, where B is the numeric representation of the plaintext letter, a = 1, b = 2, …)

Plaintext letter   B    B^E               Ciphertext C = B^E % n
h                  8    8^5 = 32768       32768 % 35 = 8
e                  5    5^5 = 3125        3125 % 35 = 10
l                  12   12^5 = 248832     248832 % 35 = 17
l                  12   248832            17
o                  15   15^5 = 759375     759375 % 35 = 15

Decryption (B = C^D mod n)

Ciphertext C   C^D                                             B = C^D % n   Plaintext letter
8              8^29 = 154742504910672534362390528              8             h
10             10^29 = 100000000000000000000000000000          5             e
17             17^29 = 481968572106750915091411825223071697    12            l
17             481968572106750915091411825223071697            12            l
15             15^29 = 12783403948858939111232757568359375     15            o

Example, cont'd
• While the adversary knows n and E, he or she does not know p and q, so they cannot work out (p − 1)(q − 1) and thereby find D.

Topic: Authentication

Authentication Protocol (1)
Assumption: only the Sender needs to be authenticated to the Receiver, not mutually.
Secure communication is not enough … playback (replay) attack:
1. Sender → Receiver: Encrypt_{PK-receiver}(sender-ID, password)   [the Adversary records this message]
2. Receiver → Sender: ACK
3. Adversary → Receiver: replayed Encrypt_{PK-receiver}(sender-ID, password)
4. Receiver → Adversary: ACK   (the replay is accepted)

Authentication Protocol (2)
Solution to the playback attack: a nonce, i.e., a number used once and never again.
1. Sender → Receiver: Encrypt_{PK-receiver}(sender-ID, password)   [the Adversary records this message]
2. Receiver → Sender: Encrypt_{PK-sender}(nonce1)
3. Sender → Receiver: Encrypt_{PK-receiver}(nonce1)
4. Receiver → Sender: ACK
Replay attempt:
5. Adversary → Receiver: replayed Encrypt_{PK-receiver}(sender-ID, password)
6. Receiver → Adversary: Encrypt_{PK-sender}(nonce2)
7. The Adversary does not know how to reply! (nonce2 can only be read with the Sender's private key)
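The two authentication protocols above, as an added example that is not part of the slides. The public-key encryption Encrypt_PK-x(…) is modelled symbolically: a record that only the party named in it can open, so no real cipher is run and the code isolates the protocol logic. The credential "alice" / "correct horse", the party names and all function names are constructed for the example. The first run shows the recorded message being accepted again under protocol (1); the second shows why the same recording fails under protocol (2).

```python
import secrets
from dataclasses import dataclass


@dataclass(frozen=True)
class Enc:
    """Symbolic public-key ciphertext: only the party named in `to` can open it."""
    to: str
    fields: tuple


def encrypt_for(party, *fields):
    return Enc(party, fields)


def decrypt_as(party, msg):
    if msg.to != party:
        raise PermissionError(f"{party} does not hold the private key of {msg.to}")
    return msg.fields


class Receiver:
    def __init__(self):
        self.credentials = {"alice": "correct horse"}   # constructed sample
        self.pending = {}          # sender-ID -> nonce issued, awaiting the reply
        self.used_nonces = set()   # a nonce is never accepted twice

    # Protocol (1): credentials alone. Anyone holding a recording can log in.
    def login_v1(self, cred_msg):
        sender_id, password = decrypt_as("receiver", cred_msg)
        return self.credentials.get(sender_id) == password

    # Protocol (2), step 2: answer valid credentials with a fresh nonce
    # encrypted under the claimed sender's public key.
    def challenge(self, cred_msg):
        sender_id, password = decrypt_as("receiver", cred_msg)
        if self.credentials.get(sender_id) != password:
            return None
        nonce = secrets.token_hex(16)
        self.pending[sender_id] = nonce
        return encrypt_for(sender_id, nonce)

    # Protocol (2), step 4: ACK only if the outstanding nonce comes back and is unused.
    def login_v2(self, sender_id, nonce_msg):
        (nonce,) = decrypt_as("receiver", nonce_msg)
        expected = self.pending.pop(sender_id, None)
        if expected is None or nonce != expected or nonce in self.used_nonces:
            return False
        self.used_nonces.add(nonce)
        return True


class Sender:
    def __init__(self, ident, password):
        self.ident, self.password = ident, password

    def credentials(self):
        return encrypt_for("receiver", self.ident, self.password)

    def answer(self, challenge):
        (nonce,) = decrypt_as(self.ident, challenge)   # needs the Sender's private key
        return encrypt_for("receiver", nonce)


def replay_succeeds_v1():
    """Protocol (1): the adversary replays the recorded message and is accepted."""
    receiver, alice = Receiver(), Sender("alice", "correct horse")
    recorded = alice.credentials()          # observed on the wire
    assert receiver.login_v1(recorded)      # genuine login
    return receiver.login_v1(recorded)      # the same bytes, replayed


def replay_succeeds_v2():
    """Protocol (2): the replay earns a challenge the adversary cannot open,
    and replaying the Sender's old nonce reply is rejected as well."""
    receiver, alice = Receiver(), Sender("alice", "correct horse")
    recorded = alice.credentials()
    reply1 = alice.answer(receiver.challenge(recorded))   # genuine run
    assert receiver.login_v2("alice", reply1)
    challenge2 = receiver.challenge(recorded)             # adversary replays step 1
    try:
        decrypt_as("adversary", challenge2)               # "does not know how to reply"
    except PermissionError:
        pass
    return receiver.login_v2("alice", reply1)             # stale nonce1 is refused


if __name__ == "__main__":
    print("replay accepted under protocol (1):", replay_succeeds_v1())
    print("replay accepted under protocol (2):", replay_succeeds_v2())
```

The receiver keeps two pieces of state that the slides leave implicit: the nonce it is currently waiting for per sender-ID, and the set of nonces already consumed, which is what makes "used once and never again" enforceable rather than merely intended.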
Receiver Impersonation Attack
PROBLEM: public key distribution … the Adversary impersonates the Bank.
Assumption: the Adversary has obtained the Bank's public key.
1. Adversary → Customer: "I am Bank and here is my public key" (the Adversary's public key)
2. Customer → Adversary: Encrypt_{PK-adversary}(customer-ID, password, PK-customer)
3. The Adversary decrypts the Customer's message and obtains the ID and password
4. Adversary → Bank: Encrypt_{PK-bank}(customer-ID, password, PK-adversary)
5. Bank → Adversary: Encrypt_{PK-adversary}(customer-account-info)
6. The Adversary decrypts the Bank's message and obtains the Customer's account info
7. Adversary → Customer: Encrypt_{PK-customer}(customer-account-info)
PROBLEM: the Customer is unaware that the Adversary obtained his account info!

Network Monitoring (Chapter 8)

Packet-pair Dispersion
(Figure: a packet pair Pkt-1 (P1) and Pkt-2 (P2) is sent back-to-back on Link 1, passes Router 1, the bottleneck Link 2 and Router 2, and is received on Link 3; t1, t2 are the send times and t3, t4 the receive times.)
• Minimum packet spacing at the bottleneck link = time to transmit a P-byte packet on that link
• The same spacing is preserved on the higher-speed links downstream
• Link speed estimation = P / (t4 − t3), i.e., packet size divided by the spacing observed at the receiver

Internet Protocols (Chapter 9)

The Internet Reference Model
Visit http://en.wikipedia.org/wiki/Internet_reference_model for more details on the Internet reference model, and http://en.wikipedia.org/wiki/OSI_model for the OSI model.

IPv6 Header (40 bytes)
Bits      Field
0–3       version number
4–11      8-bit traffic class
12–31     20-bit flow label
32–47     16-bit payload length
48–55     next header
56–63     8-bit hop limit
64–191    128-bit (16-byte) source IP address
192–319   128-bit (16-byte) destination IP address

IPv6 Address Prefix Assignments
Prefix (binary, leading bits)            Use
00000000 (bits 0–7), then anything       Reserved
all zeros (bits 0–127)                   Unspecified
00…0 1 (127 zeros, then a 1)             Loopback within this network
11111110 10 (bits 0–9), then anything    Link-local use unicast
11111110 11 (bits 0–9), then anything    Site-local use unicast
11111111 (bits 0–7), then anything       Multicast addresses
everything else                          Global unicast
IPv4-compatible address (node supports IPv6 & IPv4): bits 0–95 all zeros, bits 96–127 the IPv4 address
IPv4-mapped address (node does not support IPv6): bits 0–79 all zeros, bits 80–95 all ones (111…11), bits 96–127 the IPv4 address

IPv6 Global Unicast Address
(a) General format: global routing prefix (n bits) | subnet ID (m bits) | interface ID (128 − n − m bits)
(b) Format for prefixes other than "000": global routing prefix (n bits) | subnet ID (64 − n bits) | interface ID (64 bits)

Example IPv6 Extension Headers
Each header's Next Header field identifies the header that follows:
Mandatory IPv6 main header (40 bytes) → Hop-by-hop options header (variable) → Routing header (variable) → Fragment header (8 bytes) → Destination options header (variable) → TCP header (20 bytes default) → application data payload (variable, the IPv6 packet payload)

Format of IPv6 Extension Headers
(a) Hop-by-Hop Options header and Destination Options header:
    Next header (8 bits) | Hdr ext len (8 bits) | one or more options (variable)
(b) Fragment header:
    Next header (bits 0–7) | Reserved (8–15) | Fragment offset (16–28) | Res (29–30) | M (31) | Identification (32 bits)
(c) Generic Routing header:
    Next header (8) | Hdr ext len (8) | Routing type (8) | Segments left (8) | Type-specific data (variable)
(d) Type 0 Routing header:
    Next header (8) | Hdr ext len (8) | Routing type (8) | Segments left (8) | Reserved (32) | Address[1] … Address[n]

RIP Header (for IPv4)
RIP header: command (bits 0–7) | version (8–15) | unused, must be zero (16–31)
RIP route entry: address family identifier | route tag | IPv4 address | subnet mask | next hop | distance metric
Total: up to 25 route entries per message

OSPF Directed Graph of an AS
(Figure: (a) an AS with routers A, B, C, D, networks N1, N2, N3, hosts H1, H2 and link costs; (b) the corresponding directed graph with the same costs.)

OSPF Header (for IPv4), 24 bytes
version (bits 0–7) | type (8–15) | packet length (16–31)
source router address (IPv4)
area ID
checksum (16 bits) | authentication type (16 bits)
authentication
followed by the OSPF packet payload

OSPF – LSA Header (20 bytes)
LS age (bits 0–15) | options (16–23) | type (24–31)
link state ID
LS sequence number
LS checksum (16 bits) | length (16 bits)
Link description for LSA type = 1 (router-LSA): 0 | flags | 0 | number of links, then per link (16 bytes): link ID | link data | link type | num_TOS | metric | optional TOS information (more link descriptions follow)

eBGP and iBGP Sessions
(Figure: four ASes with routers A–Q; key: link-layer connection, eBGP TCP session, iBGP TCP session.)

BGP Finite State Machine
States: Idle; Connect, Active (setting up the TCP connection); OpenSent, OpenConfirm (opening the BGP session); Established.
• Idle: ManualStart OR AutomaticStart / → {Connect, Active}
• {Connect, Active}: ConnectRetryTimer expired / retry; DelayOpenTimer expires OR DelayOpen attribute == FALSE / → {OpenSent, OpenConfirm}; ManualStop / → Idle; TcpConnectionFails / → Idle
• {OpenSent, OpenConfirm}: OPEN msg recvd / send KEEPALIVE msg; KEEPALIVE msg recvd / → Established; ManualStop OR AutomaticStop OR error in msg detected OR NOTIFICATION error recvd / → Idle
• Established: KEEPALIVE or UPDATE msg recvd / (remain Established); ManualStop OR AutomaticStop OR HoldTimer expired / send NOTIFICATION cease → Idle
(Detail from Figure 1-49: customer and provider ASes; labels not recoverable.)

BGP Header & Message Formats
(a) BGP header format: Marker | Length (16 bits) | Type (8 bits)
(b) BGP OPEN message format: header with Type: OPEN | Version | My autonomous system | Hold time | BGP identifier | Optional params length | Optional parameters (variable)
(c) BGP KEEPALIVE message format: header with Type: KEEPALIVE (no body)
(d) BGP NOTIFICATION message format: header with Type: NOTIFICATION | Error code | Error subcode | Data (variable)

BGP UPDATE Message
(a) BGP UPDATE message format: header with Type: UPDATE | Withdrawn routes length | Withdrawn routes (variable) | Total path attribute length | Path attributes (variable) | Network layer reachability information (variable)
(b) Path attribute format: Attribute type (2 bytes) | Attribute length (1 or 2 bytes) | Attribute value (variable)
(c) Attribute type format: Attribute flags (O T P E, then 0s) | Attribute type code; flags: Optional, Transitive, Partial, Extended Length

Example BGP UPDATE Message
(Figure: routers K, L, M, N, O in neighbouring ASes; the subnet prefix 128.34.10.0/24 is announced by UPDATE messages whose AS_PATH grows by one AS at each hop and whose NEXT_HOP is set by the announcing router. Recoverable table entries:
K's BGP routing table: prefix 128.34.10.0/24, path {AS…}, next hop 192.12.69.2
K's IGP routing table: destination 128.34.10.0/24, cost 0
K's forwarding table: prefix 128.34.10.0/24, next hop 192.12.69.2
N's IGP routing table: destination 128.34.10.0/24, cost 2, next hop Router M
N's forwarding table: prefix 128.34.10.0/24, next hop 192.12.50.5
Router interfaces shown: 192.12.69.1, 192.12.69.2, 192.12.62.1, 192.12.62.2, 192.12.50.5)

BGP MULTI_EXIT_DISC (MED) Attribute
(Figure: several ASes with routers A–H and more than one link between a pair of ASes.)

Address Resolution Protocol (ARP)
Need for multiple addresses: hierarchical vs.
non-hierarchical addressing. Analogy: a vehicle identification number (VIN), e.g. 1P3BP49K7JF111966, versus a registration plate.

Address Resolution Protocol (ARP): example exchange
Hosts on the LAN:
IP 192.200.96.20   MAC 49-BD-2F-54-1A-0F
IP 192.200.96.21   MAC 01-23-45-67-89-AB   (Sender)
IP 192.200.96.22   MAC 00-01-03-1D-CC-F7
IP 192.200.96.23   MAC A3-B0-21-A1-60-35   (Target)

ARP Request (broadcast to FF-FF-FF-FF-FF-FF):
  Sender MAC: 01-23-45-67-89-AB, Sender IP: 192.200.96.21, Target IP: 192.200.96.23
ARP Reply (to the sender):
  Sender MAC: A3-B0-21-A1-60-35, Sender IP: 192.200.96.23, Target MAC: 01-23-45-67-89-AB, Target IP: 192.200.96.21

ARP Packet Format (for IPv4), 28 bytes
Hardware type = 1 (bits 0–15) | Protocol type = 0x0800 (bits 16–31)
Hardware addr len = 6 (bits 0–7) | Protocol addr len = 4 (bits 8–15) | Operation (bits 16–31)
Sender hardware address (6 bytes)
Sender protocol address (first 2 bytes)
Sender protocol address (last 2 bytes)
Target hardware address (6 bytes)
Target protocol address (4 bytes)

Mobile IP
(Figure: Home Agent (HA), Mobile node (MN), Foreign Agent (FA) and Correspondent node (CN), with the message steps numbered 1–4.)

SNMP
(a) The network management system (NMS) exchanges messages with the agent on a managed device; the agent holds the managed objects in the MIB.
(b) SNMP manager (client) → SNMP agent (server): GetRequest / Response, GetNextRequest / Response, GetBulkRequest / Response, SetRequest / Response
    SNMP agent (server) → SNMP manager (client): Trap, InformRequest

Probability Refresher (Appendix)

Jar with Black & White Balls; Random Events
(a) Possible outcomes of two coin tosses; (b) "tree diagram" of the same outcomes, each branch having probability ½.

First toss \ Second toss   H    T
H                          HH   HT
T                          TH   TT

Outcomes: HH, HT, TH, TT

Drawing from Jar/Urn Decided by Rolling a Die
EXPERIMENT 1: Roll a die; if the outcome is 1 or 2, select the Jar; else, select the Urn
EXPERIMENT 2: Draw a ball from the selected container

Probability Matrix for Ball Drawing
Random variable X: color of the ball (x1 = Black, x2 = White)
Random variable Y: identity of the vessel that will be chosen (y1 = Jar, y2 = Urn)

              x1 = Black   x2 = White   row total
y1 = Jar      n11          n12          r1
y2 = Urn      n21          n22          r2
column total  c1           c2

Illustration for Bayes' Theorem
EXPERIMENT 1: Roll a die; if the outcome is 1 or 2, select the Jar; else, select the Urn
EXPERIMENT 2: Draw a ball from the selected container
Guess whether the ball was drawn from the Jar or from the Urn.

Poisson Process
(Figure: bar chart of percent of occurrences (%) versus arrivals per time unit n = 0, 1, …, 15, for average arrival rate = 5; vertical axis 0–20%.)

Partitioning of Areas Under the Normal Curve
Areas between selected points under the normal curve (horizontal axis in standard deviations from the mean):
−4 to −3: 0.13%; −3 to −2: 2.15%; −2 to −1: 13.59%; −1 to 0: 34.13%; 0 to 1: 34.13%; 1 to 2: 13.59%; 2 to 3: 2.15%; 3 to 4: 0.13%

How to Read Table A-1
Column (A): z. Column (B): area between the mean and z. Column (C): area beyond z.
Example: for z = 1.50 (in Column A), the area between the mean and z (Column B) is .4332, i.e., 43.32%, and the area beyond z (Column C) is .0668, i.e., 6.68%.

Excerpt of Table A-1 (three column groups):
(A) z   (B)     (C)       (A) z   (B)     (C)       (A) z   (B)     (C)
0.00    .0000   .5000     0.55    .2088   .2912     1.10    .3643   .1357
0.01    .0040   .4960     0.56    .2123   .2877     1.11    .3665   .1335
0.02    .0080   .4920     0.57    .2157   .2843     1.12    .3686   .1314
…
0.34    .1331   .3669     0.89    .3133   .1867     1.44    .4251   .0749
0.35    .1368   .3632     0.90    .3159   .1841     1.45    .4265   .0735
0.36    .1406   .3594     0.91    .3186   .1814     1.46    .4279   .0721
0.37    .1443   .3557     0.92    .3212   .1788     1.47    .4292   .0708
0.38    .1480   .3520     0.93    .3238   .1762     1.48    .4306   .0694
0.39    .1517   .3483     0.94    .3264   .1736     1.49    .4319   .0681
0.40    .1554   .3446     0.95    .3289   .1711     1.50    .4332   .0668
0.41    .1591   .3409     0.96    .3315   .1685     1.51    .4345   .0655
0.42    .1628   .3372     0.97    .3340   .1660     1.52    .4357   .0643
0.43    .1664   .3336     0.98    .3365   .1635     1.53    .4370   .0630
0.44    .1700   .3300     0.99    .3389   .1611     1.54    .4382   .0618
0.45    .1736   .3264     1.00    .3413   .1587     1.55    .4394   .0606
0.46    .1772   .3228     1.01    .3438   .1562     1.56    .4406   .0594
0.47    .1808   .3192     1.02    .3461   .1539     1.57    .4418   .0582
0.48    .1844   .3156     1.03    .3485   .1515     1.58    .4429   .0571
0.49    .1879   .3121     1.04    .3508   .1492     1.59    .4441   .0559
0.50    .1915   .3085     1.05    .3531   .1469     1.60    .4452   .0548
0.51    .1950   .3050     1.06    .3554   .1446     1.61    .4463   .0537
0.52    .1985   .3015     1.07    .3577   .1423     1.62    .4474   .0526
0.53    .2019   .2981     1.08    .3599   .1401     1.63    .4484   .0516
0.54    .2054   .2946     1.09    .3621   .1379     1.64    .4495   .0505

Reading for z = 1.50: (B) area between mean and z = .4332; (C) area beyond z = .0668
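The 28-byte ARP packet format from the Internet Protocols chapter above, built and parsed with the addresses of the slides' request/reply exchange, as an added example (not code from the slides). The field layout follows the slides (hardware type 1, protocol type 0x0800, address lengths 6 and 4, operation, then the four addresses); the all-zero target MAC in the request and the small cache that flags a reply contradicting an already-learned IP-to-MAC binding are my additions, as are all names.

```python
import struct
from collections import namedtuple

ARP_FORMAT = "!HHBBH6s4s6s4s"          # network byte order, 28 bytes in total
ARP_LEN = struct.calcsize(ARP_FORMAT)  # 28, matching the slide
HW_ETHERNET, PROTO_IPV4 = 1, 0x0800
OP_REQUEST, OP_REPLY = 1, 2
BROADCAST_MAC = "FF-FF-FF-FF-FF-FF"
UNKNOWN_MAC = "00-00-00-00-00-00"      # assumed filler for the request's target MAC

ArpPacket = namedtuple("ArpPacket", "op sender_mac sender_ip target_mac target_ip")


def mac_bytes(mac):
    return bytes.fromhex(mac.replace("-", ""))


def mac_str(raw):
    return "-".join(f"{b:02X}" for b in raw)


def ip_bytes(ip):
    return bytes(int(octet) for octet in ip.split("."))


def ip_str(raw):
    return ".".join(str(b) for b in raw)


def build_arp(op, sender_mac, sender_ip, target_mac, target_ip):
    """Serialize one ARP packet exactly as laid out on the slide."""
    return struct.pack(ARP_FORMAT, HW_ETHERNET, PROTO_IPV4, 6, 4, op,
                       mac_bytes(sender_mac), ip_bytes(sender_ip),
                       mac_bytes(target_mac), ip_bytes(target_ip))


def parse_arp(data):
    """Parse the fixed fields, rejecting anything that is not Ethernet/IPv4 ARP."""
    if len(data) < ARP_LEN:
        raise ValueError("truncated ARP packet")
    hw, proto, hlen, plen, op, smac, sip, tmac, tip = struct.unpack(ARP_FORMAT, data[:ARP_LEN])
    if (hw, proto, hlen, plen) != (HW_ETHERNET, PROTO_IPV4, 6, 4):
        raise ValueError("not an Ethernet/IPv4 ARP packet")
    if op not in (OP_REQUEST, OP_REPLY):
        raise ValueError(f"unknown ARP operation {op}")
    return ArpPacket(op, mac_str(smac), ip_str(sip), mac_str(tmac), ip_str(tip))


class ArpCache:
    """IP -> MAC bindings learned from replies. A reply whose sender MAC differs
    from the binding already held for that IP is reported instead of accepted."""

    def __init__(self):
        self.table = {}

    def learn(self, pkt):
        if pkt.op != OP_REPLY:
            return None
        known = self.table.get(pkt.sender_ip)
        if known is not None and known != pkt.sender_mac:
            return f"conflict: {pkt.sender_ip} was {known}, reply claims {pkt.sender_mac}"
        self.table[pkt.sender_ip] = pkt.sender_mac
        return None


# The slides' exchange, constructed here as byte strings.
REQUEST = build_arp(OP_REQUEST, "01-23-45-67-89-AB", "192.200.96.21",
                    UNKNOWN_MAC, "192.200.96.23")
REPLY = build_arp(OP_REPLY, "A3-B0-21-A1-60-35", "192.200.96.23",
                  "01-23-45-67-89-AB", "192.200.96.21")
# A second, conflicting reply for .23 (constructed) that the cache should flag.
CONFLICTING_REPLY = build_arp(OP_REPLY, "00-01-03-1D-CC-F7", "192.200.96.23",
                              "01-23-45-67-89-AB", "192.200.96.21")

if __name__ == "__main__":
    print(len(REQUEST), "bytes:", parse_arp(REQUEST))
    cache = ArpCache()
    print(cache.learn(parse_arp(REPLY)), cache.table)
    print(cache.learn(parse_arp(CONFLICTING_REPLY)))
```

The parser checks the constant fields before trusting the addresses, since a packet with the wrong hardware or protocol type would otherwise yield addresses of the wrong length; the cache shows the minimum bookkeeping a host needs to notice when two replies disagree about the same IP address.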