Chapter 31

Network Security

31.1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.

3131--1 1 SECURITY SERVICESSECURITY SERVICES

N kN k ii idid fifi ii FF ff hhNetworkNetwork securitysecurity cancan provideprovide fivefive servicesservices.. FourFour ofof thesetheseservicesservices areare relatedrelated toto thethe messagemessage exchangedexchanged usingusing thethe

kk ThTh fif hfif h ii idid ii h i ih i inetworknetwork.. TheThe fifthfifth serviceservice providesprovides entityentity authenticationauthenticationoror identificationidentification..

Topics discussed in this section:Topics discussed in this section:Message ConfidentialityMessage IntegrityMessage AuthenticationMessage NonrepudiationEntity Authentication

31.2

Entity Authentication

Figure 31.1 Security services related to the message or entity

31.3

3131--2 2 MESSAGE CONFIDENTIALITYMESSAGE CONFIDENTIALITY

ThTh tt ff hh tt hihi fid ti litfid ti litTheThe conceptconcept ofof howhow toto achieveachieve messagemessage confidentialityconfidentialityoror privacyprivacy hashas notnot changedchanged forfor thousandsthousands ofof yearsyears..ThTh tt bb t dt d tt thth dd itit ddTheThe messagemessage mustmust bebe encryptedencrypted atat thethe sendersender sitesite andanddecrypteddecrypted atat thethe receiverreceiver sitesite.. ThisThis cancan bebe donedone usingusingithith t it i kk t ht h t it i kkeithereither symmetricsymmetric--keykey cryptographycryptography oror asymmetricasymmetric--keykey

cryptographycryptography..

Topics discussed in this section:Topics discussed in this section:Confidentiality with Symmetric-Key CryptographyConfidentiality with Asymmetric-Key Cryptography

31.4

Figure 31.2 Message confidentiality using symmetric keys in two directions

31.5

Figure 31.3 Message confidentiality using asymmetric keys

31.6

3131--3 3 MESSAGE INTEGRITYMESSAGE INTEGRITY

E tiE ti dd d tid ti ididEncryptionEncryption andand decryptiondecryption provideprovide secrecy,secrecy, ororconfidentiality,confidentiality, butbut notnot integrityintegrity.. However,However, onon occasionoccasion

tt dd b tb t i t di t d tt hhwewe maymay notnot eveneven needneed secrecy,secrecy, butbut insteadinstead mustmust havehaveintegrityintegrity..

Document and FingerprintTopics discussed in this section:Topics discussed in this section:Document and FingerprintMessage and Message DigestCreating and Checking the Digestg g gHash Function CriteriaHash Algorithms: SHA-1

31.7

Note

To preserve the integrity of a document,b th th d t d th fi i tboth the document and the fingerprint

are needed.

31.8

Figure 31.4 Message and message digest

31.9

Note

The message digest needs to be kept tsecret.

31.10

Figure 31.5 Checking integrity

31.11

Figure 31.6 Criteria of a hash function

31.12

Example 31.1

Can we use a conventional lossless compression methodas a hashing function?

SolutionSolutionWe cannot. A lossless compression method creates acompressed message that is reversible You cancompressed message that is reversible. You canuncompress the compressed message to get the originaloneone.

31.13

Example 31.2

Can we use a checksum method as a hashing function?

SolutionSolutionWe can. A checksum function is not reversible; it meets the first criterion However it does not meet the otherthe first criterion. However, it does not meet the other criteria.

31.14

Figure 31.7 Message digest creation

31.15

Note

SHA-1 hash algorithms create an N-bit

Note

SHA 1 hash algorithms create an N bit message digest out of a message of

512 bit blocks512-bit blocks.

SHA 1 h di t f 160 bitSHA-1 has a message digest of 160 bits (5 words of 32 bits).

31.16

Figure 31.8 Processing of one block in SHA-1

31.17

3131--4 4 MESSAGE AUTHENTICATIONMESSAGE AUTHENTICATION

AA hashhash functionfunction perper sese cannotcannot provideprovide authenticationauthentication..TheThe digestdigest createdcreated byby aa hashhash functionfunction cancan detectdetect anyanymodificationmodification inin thethe message,message, butbut notnot authenticationauthentication..

Topics discussed in this section:Topics discussed in this section:MAC

31.18

Figure 31.9 MAC, created by Alice and checked by Bob

31.19

Figure 31.10 HMAC

31.20

3131--5 5 DIGITAL SIGNATUREDIGITAL SIGNATURE

WhenWhen AliceAlice sendssends aa messagemessage toto Bob,Bob, BobBob needsneeds totoWhenWhen AliceAlice sendssends aa messagemessage toto Bob,Bob, BobBob needsneeds totocheckcheck thethe authenticityauthenticity ofof thethe sendersender;; hehe needsneeds toto bebesuresure thatthat thethe messagemessage comescomes fromfrom AliceAlice andand notnot EveEve..suresure thatthat thethe messagemessage comescomes fromfrom AliceAlice andand notnot EveEve..BobBob cancan askask AliceAlice toto signsign thethe messagemessage electronicallyelectronically..InIn otherother words,words, anan electronicelectronic signaturesignature cancan proveprove thetheInIn otherother words,words, anan electronicelectronic signaturesignature cancan proveprove thetheauthenticityauthenticity ofof AliceAlice asas thethe sendersender ofof thethe messagemessage.. WeWereferrefer toto thisthis typetype ofof signaturesignature asas aa digitaldigital signaturesignature..referrefer toto thisthis typetype ofof signaturesignature asas aa digitaldigital signaturesignature..

Topics discussed in this section:Topics discussed in this section:ComparisonNeed for Keys

pp

31.21

Process

Note

A digital signature needs a public-key tsystem.

31.22

Figure 31.11 Signing the message itself in digital signature

31.23

Note

In a cryptosystem, we use the private d bli k f th iand public keys of the receiver;

in digital signature, we use the private and public keys of the sender.

31.24

Figure 31.12 Signing the digest in a digital signature

31.25

Note

A digital signature today provides i t itmessage integrity.

31.26

Note

Digital signature provides message th ti tiauthentication.

31.27

Figure 31.13 Using a trusted center for nonrepudiation

31.28

Note

Nonrepudiation can be provided using a t t d ttrusted party.

31.29

3131--6 6 ENTITY AUTHENTICATIONENTITY AUTHENTICATION

EntityEntity authenticationauthentication isis aa techniquetechnique designeddesigned toto letlet oneoneEntityEntity authenticationauthentication isis aa techniquetechnique designeddesigned toto letlet oneonepartyparty proveprove thethe identityidentity ofof anotheranother partyparty.. AnAn entityentity cancanbebe aa personperson aa processprocess aa clientclient oror aa serverserver TheThe entityentitybebe aa person,person, aa process,process, aa client,client, oror aa serverserver.. TheThe entityentitywhosewhose identityidentity needsneeds toto bebe provedproved isis calledcalled thethe claimantclaimant;;thethe partyparty thatthat triestries toto proveprove thethe identityidentity ofof thethe claimantclaimantthethe partyparty thatthat triestries toto proveprove thethe identityidentity ofof thethe claimantclaimantisis calledcalled thethe verifierverifier..

P dTopics discussed in this section:Topics discussed in this section:PasswordsChallenge-Response

31.30

Note

In challenge-response authentication,th l i t th t h kthe claimant proves that she knows a

secret without revealing it.

31.31

Note

The challenge is a time-varying value t b th ifisent by the verifier;

the response is the result of a function applied on the challenge.

31.32

Figure 31.14 Challenge/response authentication using a nonce

31.33

Figure 31.15 Challenge-response authentication using a timestamp

31.34

Figure 31.16 Challenge-response authentication using a keyed-hash function

31.35

Figure 31.17 Authentication, asymmetric-key

31.36

Figure 31.18 Authentication, using digital signature

31.37

3131--7 7 KEY MANAGEMENTKEY MANAGEMENT

WeWe nevernever discusseddiscussed howhow secretsecret keyskeys inin symmetricsymmetric--keykeycryptographycryptography andand howhow publicpublic keyskeys inin asymmetricasymmetric--keykeyyp g p yyp g p y pp yy yy yycryptographycryptography areare distributeddistributed andand maintainedmaintained.. InIn thisthissection,section, wewe touchtouch onon thesethese twotwo issuesissues.. WeWe firstfirst discussdiscuss,, ffthethe distributiondistribution ofof symmetricsymmetric keyskeys;; wewe thenthen discussdiscuss thethedistributiondistribution ofof asymmetricasymmetric keyskeys..ff yy yy

Topics discussed in this section:Topics discussed in this section:Symmetric-Key DistributionPublic-Key Distribution

Topics discussed in this section:Topics discussed in this section:

31.38

y

Figure 31.19 KDC

31.39

Note

A session symmetric key between two ti i d lparties is used only once.

31.40

Figure 31.30 Creating a session key between Alice and Bob using KDC

31.41

Figure 31.21 Kerberos servers

31.42

Figure 31.22 Kerberos example

31.43

Note

In public-key cryptography, everyone h t ’ bli khas access to everyone’s public key;

public keys are available to the public.

31.44

Figure 31.23 Announcing a public key

31.45

Figure 31.24 Trusted center

31.46

Figure 31.25 Controlled trusted center

31.47

Figure 31.26 Certification authority

31.48

Figure 31.27 PKI hierarchy

31.49