Secure Copy Protocol(s)

advertisement
Secure Transfer over an Unsecure
Connection
A TEAM
Ashwini Reddy
Chris Coyne
Jeng-Yuh Chang
Savitha Murthy
Shubhangi Srivastava
History




rlogin, rcp, rsh and other BSD programs
transfer in clear text
Written before malicious attacks were
considered
Currently security is a high priority
Necessity for secure connection over
unknown network
SCP (Secure Copy Protocol)







Both a protocol and a program
Virtually identical to rcp
Uses SSH to transfer data securely
Local-remote host or remote-remote
Generally uses outdated SSH-1
Very few features
Though part of SSH, basically obsolete
SFTP (SSH File Transfer Protocol)





Full featured secure file transfer protocol
Advantages over SCP include resume,
append, larger file size limits
Uses SSH-2
Independent of FTP and FTPS protocols
Still in use today on many different Operating
Systems
SSH (Secure Shell)




Protocol for secure communications
1st developed by Tatu Ylönen in 1995 for
version 1, version 2 in 1996
3 layers in the protocol (Transport, User
Authentication, Connection)
Creates secure channel with authenticated
hosts for file transfer, tunneling, TCP port
forwarding, X11 connections
Transport Protocol




Responsible for Server authentication,
encryption, integrity verification
Key exchange using Diffie-Hellman algorithm
Encryption using 3DES, AES128, blowfish or
other algorithm including proprietary ones
Allows higher layers to assume secure
channel
User Authentication Protocol




Responsible for client authentication
Runs over transport layer
Assumes secure encrypted channel and
authenticated server
Several methods of authentication, including
combinations (password, publickey,
keyboard-interactive)
Connection Protocol





Runs on top of User Authentication layer
Manages channels for data transfer
Several connections on one channel
Channel uses include: SFTP sessions,
remote shell sessions, X11, Windows Shares
Assumes encrypted, authenticated channel
Rsync(Remote Synchronization)
update
New file
Old file
request


Server
Client
Rsync is file transfer utility for UNIX systems.
Faster File transfer.
– Rsync sends the differences in the files across the
link.
– Rsync compresses the differences between the
files saving transfer time.
Rsync Process.

Startup:
- Client server connection established through a
pipe/socket.
- send the protocol version.
- Now Client - Sender and Server-Receiver.

File list:
- Sender creates file list and sends to Receiver.
- Both sort the file list lexicographically.
Rsync Algorithm

Rsync utility uses the algorithm by Andrew
Tridgell.
DEMO



SCP command
WinSCP3
Rsync
Reference
[1] Andrew Tridgell (1999, February). Efficient Algorithms for Sorting and
Synchronization. Retrieved February 19, 2006 from http://samba.org/~tridge/
phd_thesis.pdf
[2] Galbraith J. and Sareenma O. (2006, January 25). SSH File Transfer Protocol.
Retrieved February 16, 2006 from http://www.ietf.org/internet-drafts/draftietf-secsh-filexfer-12.txt
[3] Michael Holve (1999, November 20). A Tutorial on Using rsync. Retrieved
February 18, 2006 from http://everythinglinux.org/rsync/
[4] Rsync (2006, February 16). Wikipedia, The Free Encyclopedia. Retrieved February
18, 2006 from http://en.wikipedia.org/wiki/Rsync
[5] Sean Boran (2004, July 22). SSH Disadvantages. All about SSH – Part I. Retrieved
February 20, 2006 from http://www.boran.com/security/sp/ssh-part1.html
[6] Secure Copy (2006, February 1). Wikipedia, The Free Encyclopedia. Retrieved
February 14, 2006 from http://en.wikipedia.org/wiki/Secure_copy#
SCP_protocol.
[7] Secure Shell (2006, February 18). Wikipedia, The Free Encyclopedia. Retrieved
February 14, 2006 from http://en.wikipedia.org/wiki/Secure_shell
.etc
Thank you!
Any Questions??
Download