lecture 10: network security · 2015. 11. 28. · ‣ symmetric key encryption/decryption -alice...

Network Security Lecture 10:

Computer Networks, Fall 2015

Security properties

‣ Confidentiality

- only the sender and the receiver understand the contents of the message

‣ Authenticity

- the message is from whom it claims to be

‣ Integrity

- the message was not changed along the way

2


Outline

‣ Building blocks

‣ Providing security properties

‣ Securing Internet protocols

‣ Operational security

3


Outline

‣ Building blocks




4


Encryption & decryption

5

Bob Alice

“Dear Bob, ...”

communication channel

“daghj2$%@^”

encryption algorithm

decryption algorithm

“Dear Bob, ...”

“daghj2$%@^” “daghj2$%@^”



6

plaintext plaintext

Bob Alice



ciphertext ciphertext



‣ Encryption algorithm: input: plaintext, output: ciphertext

‣ Decryption algorithm: input: ciphertext, output: plaintext

‣ Ciphertext: ideally, should reveal no information about the message

7


key key

Symmetric key cryptography

8

plaintext plaintext

Bob Alice





key


9

plaintext plaintext




key

key{ } key{ } plaintext = plaintext



‣ Alice and Bob share the same key

- used both for the encryption and decryption algorithm

‣ Used to “scramble” the plaintext

- RC4, AES, Blowfish

10



‣ Challenge: how to share a key?

- out of band

- not always an option

11


Asymmetric key cryptography

12

key+

key-

plaintext plaintext

Bob Alice





key-{ } key+{ }


13

key+ key-

plaintext plaintext




plaintext = plaintext



‣ Alice and Bob use different keys

- public (key+) and private (key-) key

‣ There is a special relationship between them

- key-{ key+{ plaintext } } = plaintext

- key+{ key-{ plaintext } } = plaintext

- RSA, DSA

14



‣ Challenge: computationally expensive

- sophisticated encryption/decryption algorithms based on number theory

15


Cryptographic hash function

16

Dear Bob, .................... .................... .................... Cheers, Alice

hash function

tru46hj#$%

hash



17

Dear Bob, .................... .................... .................... Cheers, Alice

hash function

Dear Bob,

hash

Dear Bob, .................... .................... .................... Thanks,

Celine

Dear Bob, .................... .................... .................... Best wishes, Dabir



18

Dear Bob, .................... .................... .................... .................... .................... .................... Cheers, Alice

hash function

tru46hj#$%

hash ?



‣ Maps larger input to smaller hash

‣ Hash should not reveal information on input

‣ Should be hard to identify 2 inputs that lead to the same hash

19


Building blocks

‣ Symmetric key encryption/decryption - Alice and Bob share the same key - challenge: exchanging the key

‣ Asymmetric key encryption/decryption - Alice and Bob use different keys - challenge: computationally expensive

‣ Cryptographic hash function - produces a hash of the original message

- that’s different from encryption 20


Outline

‣ Building blocks




21


Providing confidentiality

22

key key

plaintext plaintext

Bob Alice



ciphertext ciphertext ciphertext

Eve



23

plaintext plaintext

Bob Alice




Bob_key+

Bob_key-



24

plaintext plaintext

Bob Alice




Bob_key+

Bob_key- Manuel


plaintext


ciphertext

Man in the middle

25

Bob Alice

plaintext


ciphertext

plaintext


ciphertext

Bob_key+

Bob_key-

Manuel

plaintext


ciphertext

Manuel_key+

Manuel_key-




‣ With symmetric key crypto

- Alice encrypts message with shared key

- only Bob can decrypt it

‣ With asymmetric key crypto

- Alice encrypts message with Bob’s public key

- only Bob can decrypt it (with his private key)

- but beware of man-in-the-middle attacks

26


Providing authenticity

27

Bob Alice Persa



28

Bob Alice Persa



29

Bob Alice



30

Bob Alice

key{ I am Alice }

= hjdfk678vnx



31

Bob Persa

key{ I am Alice }

!= hgdja54637452



32

Bob Alice



33

Bob Alice

hash{ key | I am Alice }

= 46873astubv



34

Bob Alice

Message Authentication Code (MAC)



35

Bob Alice

Alice_key+{ 687retwyw }

= I am Alice



36

Bob Persa

Alice_key+{ ghdj67d%^& }

!= I am Alice



37

Bob Alice



38

Bob Alice

Digital signature



39

Bob Alice



40

Bob Alice



41

Bob Alice

Message Authentication Code (MAC)



42

Bob Alice



43

Bob Alice

Digital signature



44

Bob Alice



45

Bob Alice



‣ With symmetric key crypto

- Alice appends hash of message + shared key

- Bob verifies that it is correct (using shared key)

‣ With asymmetric key crypto

- Alice encrypts hash of message with her private key, appends to unencrypted message

- Bob verifies that it is correct (using Alice’s public key)

46



‣ Nonce for avoiding replay attacks

- Bob sends Alice a nonce (random number)

- Alice appends hash of message + shared key + nonce

47


Providing integrity

48

Bob Alice


Providing integrity

49

Bob Alice


Providing integrity

‣ With the same mechanisms that provide authenticity

50


plaintext


ciphertext

Man in the middle

51

Bob Alice

plaintext


ciphertext

plaintext


ciphertext

Bob_key+

Bob_key-

Manuel

plaintext


ciphertext

Manuel_key+

Manuel_key-



Public key certification

‣ Trusted certificate authority (CA) digitally signs that key+ is Bob’s public key

- using the CA’s private key

‣ CA’s public key is obtained out of band

- web browsers pre-configured with CA public keys

52


Outline

‣ Building blocks




53


Securing email (confidentiality)

54

Alice

Bob_key+{ }

shared_key{ } message

shared_key

+


shared_key{ }

Bob_key-{ }

Securing email (confidentiality)

55

Bob

Bob_key+{ }

shared_key{ } message

shared_key

-


Alice_key-{ } hash{ }

Securing email (auth & integrity)

56

Alice

message

message

+


Alice_key+{ }

Securing email (auth & integrity)

57

Bob -

Alice_key-{ } hash{ } message

message hash{ }


Alice_key-{ } hash{ }

Securing email

58

Alice

message

message

+ shared_key{ ... }

Bob_key+{ shared_key }

+


Securing TCP

59

online store Alice


Securing TCP

‣ Server sends its certificate

- includes its public key

‣ Client creates and sends a shared master key

- encrypts it with server’s public key

‣ Both use master key to create 4 session keys

- 1 key for encrypting client --> server data

- 1 key for creating MAC for client --> server data

- same for server --> client data

60


Securing TCP

61

online store Alice


Securing TCP

62

online store Alice


Securing TCP

‣ Client organizes data in records

- each record has a sequence number

‣ Creates MAC for each record + sequence #

- using one of the 4 session keys

‣ Encrypts the data + MAC for each record

- using (another) one of the 4 session keys

63


Securing IP

64

Bob Alice

IP packet

key1{ IP packet }, hash{ key2, key1{ IP packet } }

IP packet


Securing IP

‣ 2 IP routers establish a “secure tunnel”

- usually between branch offices of a company

‣ Source encrypts each IP packet

- using a shared key

‣ Source creates MAC for encrypted IP packet

- using another shared key

65


Key ideas

‣ Combination of symmetric/asymmetric keys - asymmetric key crypto to exchange shared keys

- symmetric key crypto for confidentiality, authenticity, & integrity

- symmetric key crypto is faster

‣ Seq. numbers to avoid reordering attacks - organize data in records with seq. numbers

- compute MAC on record data + seq. number

66


Outline

‣ Building blocks




67


Firewalls

68

action src IP dst IP src port dst port proto

allow 167.67/16

167.67/16

any TCP > 1023 80

allow any TCP 80 > 1023

deny all all all all all

flag

all

ACK

all

lecture 10: network security · 2015. 11. 28. · ‣ symmetric key encryption/decryption -alice...

Documents