Secure Transfer over an Unsecure Connection

A TEAM
Ashwini Reddy
Chris Coyne
Jeng-Yuh Chang
Savitha Murthy
Shubhangi Srivastava

History
- rlogin, rcp, rsh and other BSD programs transfer in clear text
- Written before malicious attacks were considered
- Currently security is a high priority
- Necessity for secure connection over unknown network

SCP (Secure Copy Protocol)
- Both a protocol and a program
- Virtually identical to rcp
- Uses SSH to transfer data securely
- Local-remote host or remote-remote
- Generally uses outdated SSH-1
- Very few features
- Though part of SSH, basically obsolete

SFTP (SSH File Transfer Protocol)
- Full-featured secure file transfer protocol
- Advantages over SCP include resume, append, larger file size limits
- Uses SSH-2
- Independent of FTP and FTPS protocols
- Still in use today on many different operating systems

SSH (Secure Shell)
- Protocol for secure communications
- First developed by Tatu Ylönen in 1995 (version 1); version 2 in 1996
- 3 layers in the protocol (Transport, User Authentication, Connection)
- Creates secure channel with authenticated hosts for file transfer, tunneling, TCP port forwarding, X11 connections

Transport Protocol
- Responsible for server authentication, encryption, integrity verification
- Key exchange using Diffie-Hellman algorithm
- Encryption using 3DES, AES128, Blowfish or other algorithms, including proprietary ones
- Allows higher layers to assume secure channel

User Authentication Protocol
- Responsible for client authentication
- Runs over transport layer
- Assumes secure encrypted channel and authenticated server
- Several methods of authentication, including combinations (password, publickey, keyboard-interactive)

Connection Protocol
- Runs on top of User Authentication layer
- Manages channels for data transfer
- Several connections on one channel
- Channel uses include: SFTP sessions, remote shell sessions, X11, Windows Shares
- Assumes encrypted, authenticated channel

Rsync (Remote Synchronization)
[Diagram labels: Server, Client, New file, Old file, request, update]
- Rsync is a file transfer utility for UNIX systems.
- Faster file transfer.
  - Rsync sends the differences in the files across the link.
  - Rsync compresses the differences between the files, saving transfer time.

Rsync Process
Startup:
- Client-server connection established through a pipe/socket.
- Send the protocol version.
- The client now acts as Sender and the server as Receiver.
File list:
- Sender creates file list and sends to Receiver.
- Both sort the file list lexicographically.

Rsync Algorithm
- Rsync utility uses the algorithm by Andrew Tridgell.

DEMO
- SCP command
- WinSCP3
- Rsync

Reference
[1] Andrew Tridgell (1999, February). Efficient Algorithms for Sorting and Synchronization. Retrieved February 19, 2006 from http://samba.org/~tridge/phd_thesis.pdf
[2] Galbraith J. and Saarenmaa O. (2006, January 25). SSH File Transfer Protocol. Retrieved February 16, 2006 from http://www.ietf.org/internet-drafts/draft-ietf-secsh-filexfer-12.txt
[3] Michael Holve (1999, November 20). A Tutorial on Using rsync. Retrieved February 18, 2006 from http://everythinglinux.org/rsync/
[4] Rsync (2006, February 16). Wikipedia, The Free Encyclopedia. Retrieved February 18, 2006 from http://en.wikipedia.org/wiki/Rsync
[5] Sean Boran (2004, July 22). SSH Disadvantages. All about SSH – Part I. Retrieved February 20, 2006 from http://www.boran.com/security/sp/ssh-part1.html
[6] Secure Copy (2006, February 1). Wikipedia, The Free Encyclopedia. Retrieved February 14, 2006 from http://en.wikipedia.org/wiki/Secure_copy#SCP_protocol
[7] Secure Shell (2006, February 18). Wikipedia, The Free Encyclopedia. Retrieved February 14, 2006 from http://en.wikipedia.org/wiki/Secure_shell

Thank you! Any Questions?
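
The delta transfer described on the Rsync slides (only the differences between the old and new file cross the link), as an added Python example that is not part of the original deck and is not rsync's own code. It follows the weak rolling checksum plus strong hash scheme from Tridgell's thesis; the 8-byte block size, SHA-256 as the strong hash, the function names and the sample data are assumptions made here.

```python
import hashlib
BLOCK, M = 8, 1 << 16  # assumed tiny block size for the demo; modulus of the weak checksum

def weak(blk):
    """Weak checksum pair: a = byte sum, b = position-weighted byte sum (both mod M)."""
    a = sum(blk) % M
    b = sum((len(blk) - j) * x for j, x in enumerate(blk)) % M
    return a, b

def signatures(old):
    """Receiver: map weak checksum -> [(strong hash, block index)] over the old file."""
    sigs = {}
    for off in range(0, len(old), BLOCK):
        blk = old[off:off + BLOCK]
        sigs.setdefault(weak(blk), []).append((hashlib.sha256(blk).digest(), off // BLOCK))
    return sigs

def delta(new, sigs):
    """Sender: slide a window over the new file, emit ('copy', n) or ('data', bytes)."""
    ops, lit, i, a, b = [], bytearray(), 0, None, None
    while i < len(new):
        win = new[i:i + BLOCK]
        if a is None:                    # no rolled value available: compute from scratch
            a, b = weak(win)
        match = next((n for h, n in sigs.get((a, b), [])   # strong hash only on weak hit
                      if h == hashlib.sha256(win).digest()), None)
        if match is not None:
            if lit:                      # flush literal bytes collected before the match
                ops.append(("data", bytes(lit)))
                lit = bytearray()
            ops.append(("copy", match))
            i, a = i + len(win), None
        else:
            lit.append(new[i])
            if i + BLOCK < len(new):     # roll the window forward one byte in O(1)
                a = (a - new[i] + new[i + BLOCK]) % M
                b = (b - BLOCK * new[i] + a) % M
            else:
                a = None                 # window shrinks near end of file: recompute
            i += 1
    if lit:
        ops.append(("data", bytes(lit)))
    return ops

def patch(old, ops):  # receiver: rebuild the new file from old blocks plus literal data
    return b"".join(old[v * BLOCK:(v + 1) * BLOCK] if op == "copy" else v for op, v in ops)

OLD = b"alpha-01beta--02gamma-03delta-04"  # constructed sample: receiver's old file
NEW = OLD[:8] + b"xy" + OLD[8:]            # constructed sample: sender's file, 2 bytes inserted
```

For the constructed sample, only the two inserted bytes travel as literal data; the rolling window realigns on the old blocks even though the insertion shifted every later offset.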