Top Banner

Click here to load reader

of 47

6/3/2015Gene Itkis: BU CAS 558 - Network Security1 CS 558: Network Security Gene Itkis

Dec 19, 2015

ReportDownload

Documents

  • Slide 1
  • Slide 2
  • 6/3/2015Gene Itkis: BU CAS 558 - Network Security1 CS 558: Network Security Gene Itkis
  • Slide 3
  • 6/3/2015Gene Itkis: BU CAS 558 - Network Security2 Network Security Overview
  • Slide 4
  • 6/3/2015Gene Itkis: BU CAS 558 - Network Security3 Basic scenario
  • Slide 5
  • 6/3/2015Gene Itkis: BU CAS 558 - Network Security4 Alice Simplified Scenario Network: Internet intranet LAN WAN Bob How to protect? Encrypt Key agreement Authenticate Eve Issues: Protocols Protection (crypto) A solution: SSL/TLS
  • Slide 6
  • 6/3/2015Gene Itkis: BU CAS 558 - Network Security5 How to protect?
  • Slide 7
  • 6/3/2015Gene Itkis: BU CAS 558 - Network Security6 Crypto Landscape overview
  • Slide 8
  • 6/3/2015Gene Itkis: BU CAS 558 - Network Security7 Definitions and Concepts
  • Slide 9
  • 6/3/2015Gene Itkis: BU CAS 558 - Network Security8 Cryptography What is Cryptography ? v It all started with EncryptionDecryption Encryption / Decryption attack at midnight buubdl bu njeojhiu - plaintext - ciphertext
  • Slide 10
  • 6/3/2015Gene Itkis: BU CAS 558 - Network Security9 Encryption / Decryption (cont.) encoder decoder ( plaintext in - ciphertext out) ciphertext msg msg ( ciphertext in - plaintext out) (should understand nothing nothing about the msg) eavesdropper bla-bla cmb-cmb Shared Key
  • Slide 11
  • 6/3/2015Gene Itkis: BU CAS 558 - Network Security10 Crypto tools Encryption/decryption to hide info Key exchange - to establish shared key Authentication to establish shared key with the party you really meant to public private v Signatures v Hashing v Certificates, PKI
  • Slide 12
  • 6/3/2015Gene Itkis: BU CAS 558 - Network Security11 Adversary types v Alice and Bob want to communicate in presence of adversaries Adversaries: u Passive just looking u Active may change msgsAlice Bob
  • Slide 13
  • 6/3/2015Gene Itkis: BU CAS 558 - Network Security12 Key exchange: man-in-the-middle v Key exchange without Authentication Subject to Man-in-the-Middle attack u Attacker translates between the keys, reading and/or modifying the messages Authentication afterwards will not help!Alice Bob Shared w/Alice Shared w/Bob
  • Slide 14
  • 6/3/2015Gene Itkis: BU CAS 558 - Network Security13 Authentication M Alice Bob Alice sends a msg M to Bob Bob wants to be sure M is really from Alice
  • Slide 15
  • 6/3/2015Gene Itkis: BU CAS 558 - Network Security14 SignaturesAlice Bob Alice S Alice Alice Sig M = Sign(M, S Alice ) (M, Sig M ) Verify(M, Sig M, )
  • Slide 16
  • 6/3/2015Gene Itkis: BU CAS 558 - Network Security15 Authentication : public Alice Bob checks contracts
  • Slide 17
  • 6/3/2015Gene Itkis: BU CAS 558 - Network Security16 Public Key Signatures Alice P AliceAliceBob Alice S Alice Alice Sig M = Sign(M, S Alice ) = (M, Sig M ) Alice Verify(M, Sig M, P Alice ) Public Key Secret Key Problem: How to authenticate PAlice ? ?? ?
  • Slide 18
  • 6/3/2015Gene Itkis: BU CAS 558 - Network Security17 Certificates vvThis public key PAlice really belongs to Alice. Signed by Charlie, Certification Authority vCvCertificates can be public! M WM WM WM Whos Charlie?!? Alice Charlie,CA Alice S Alice Public Key Secret Key Alice P Alice CA
  • Slide 19
  • 6/3/2015Gene Itkis: BU CAS 558 - Network Security18 Public Key Infrastructures (PKI) v Root CA public key Obtained out-of-band Certifies other Public Keys (of CAs, or users) v Certification Chains Grain of salt: so, you have a certificate v To be continued
  • Slide 20
  • 6/3/2015Gene Itkis: BU CAS 558 - Network Security19 Back to SignaturesAlice Bob Alice S Alice Alice Sig M = Sign(M, S Alice ) = (M, Sig M ) Verify(M, Sig M, )
  • Slide 21
  • 6/3/2015Gene Itkis: BU CAS 558 - Network Security20 Authentication : privateAliceBob Alice S Alice Alice Sig M = Sign(M, S Alice ) = (M, Sig M ) Alice S Alice Alice Verify(M, Sig M, S Alice ) : Alice Check Sig M = Sign(M, S Alice ) Message Authentication Code (MAC) AliceAlice Sign(M, S Alice )=Hash(M, S Alice ) MAC = Shared Secret Sig = Symmetric Sig (Sign=Verify)
  • Slide 22
  • 6/3/2015Gene Itkis: BU CAS 558 - Network Security21 Hashing Crypto Hash: collisions may exist, but are hard to find Given y hard to find x, s.t. Hash ( x )= y Used for: Symmetric signatures Fingerprint for Public Key signatures x1 Hash y x2 collision
  • Slide 23
  • 6/3/2015Gene Itkis: BU CAS 558 - Network Security22 Another setting Alice Bob
  • Slide 24
  • 6/3/2015Gene Itkis: BU CAS 558 - Network Security23 Dynamics Secrets get stolen / exposed Limit (or even avoid) the damage Recover Revoke etc. v Some approaches Secret sharing & distributed computation Forward-security, intrusion-resilience, Threshold, proactive crypto
  • Slide 25
  • 6/3/2015Gene Itkis: BU CAS 558 - Network Security24 Real Life : e-thieves v E-thieves v E-thieves (pirates/hackers) Recreational (do it for fun - e-hooligans ) u Professionals v Defense u Cost & time aspects u Periodic renewals u Multiple defense lines u Obscurity vs. security (or security by obscurity) u Recovery from security breaches
  • Slide 26
  • 6/3/2015Gene Itkis: BU CAS 558 - Network Security25 Details and constructions
  • Slide 27
  • 6/3/2015Gene Itkis: BU CAS 558 - Network Security26 Outline v Block vs. Stream ciphers v Symmetrical vs. Asymmetrical (public key) v Tool: Pseudo-Random Number Generators v Complexity (what is hard ?) v Public Key Crypto Diffie-Hellman Rabins encryption RSA
  • Slide 28
  • 6/3/2015Gene Itkis: BU CAS 558 - Network Security27 Cipher = Encoder; or Encryption/Decryption scheme Stream cipher encodes/decodes char by char Block cipher encodes/decodes block by block +state Stream cipher ~ Block cipher with block size of 1 char ( +state ) Chaining (Modes of Operation) make block encryption depend on the past blocks make block ciphers more like stream ciphers Block vs. Stream Ciphers
  • Slide 29
  • 6/3/2015Gene Itkis: BU CAS 558 - Network Security28 Symmetric & Asymmetric schemes v Symmetric: decryption as easy as encryption (and vice versa) i.e. if you can encrypt then you can decrypt (and vice versa) (DES, AES/Rijndael are symmetric block ciphers ) v Asymmetric: may not be able to decrypt even if can encrypt (and vice versa) e.g. RSA
  • Slide 30
  • 6/3/2015Gene Itkis: BU CAS 558 - Network Security29 Symmetric cipher - example Caesar's cipher the letters of the alphabet are shifted ( * ) e.g. a is replaced with b, b with c, etc. so msg attack at midnight is encrypted as buubdl bu njeojhiu ( * ) the shift can be by one (as in our example) or more encryption and decryption are equally easy (too easy, in fact)
  • Slide 31
  • 6/3/2015Gene Itkis: BU CAS 558 - Network Security30 One-time pad For each character of the future msg indicate the shift: pad (key) msg (plaintext) ciphertext (encrypted msg)
  • Slide 32
  • 6/3/2015Gene Itkis: BU CAS 558 - Network Security31 One-time random pad (cont.) v Symmetric random v Pad is selected at random Perfectly secure, but... One time only so sending the pad is just as hard as sending the msg
  • Slide 33
  • 6/3/2015Gene Itkis: BU CAS 558 - Network Security32 Pseudo-random bit string ( PRBS ) generator: Hard PRBS = Hard to guess a bit (after seeing many others) Pseudo-random pad seed (short) PRBS (long) 01101 1010010110....
  • Slide 34
  • 6/3/2015Gene Itkis: BU CAS 558 - Network Security33 Complexity: what is hard ? measure hardness in terms of size of input easy = polynomial ; hard = exponential v Easy problems: u Finding max of n numbers - O(n) u Sorting n elements- O(n lg n) v Hard problems: u Factoring N=pq ( n bits long) current best (?)
  • Slide 35
  • 6/3/2015Gene Itkis: BU CAS 558 - Network Security34 Other hard problems Let N=p q, where p,q are large primes v Square root mod N given x,N find y= mod N, i.e. y 2 =x mod N (equivalent to factoring N) v Discrete log given b,N and x, find y = How hard are these problems really? v One-way functions: easy to compute hard to invert secret v Trap-door : a secret making inverting a owf easy
  • Slide 36
  • 6/3/2015Gene Itkis: BU CAS 558 - Network Security35 Public-Key Crypto Key exchange- Diffie-Hellman PK Encryption- Rabin, RSA e-Signatures- Rabin, RSA; ElGamal (a la DH); DSA; Fiat-Shamir
  • Slide 37
  • 6/3/2015Gene Itkis: BU CAS 558 - Network Security36 Diffie-Hellman: key exchange Alice Bob ab p, g m a g a mod p m b g b mod p mama mbmb m b a mod p m a b mod p = g ab mod p = shared secret key!
  • Slide 38
  • 6/3/2015Gene Itkis: BU CAS 558 - Network Security37 Rabins scheme v to encrypt msg m simply square it mod N =pq if p, q (such that p q = N ) are known, then decryption (finding m given x ) is easy (using Chinese Reminder Theorem) mod N plaintext ciphertext
  • Slide 39
  • 6/3/2015Gene Itkis: BU CAS 558 - Network Security38 Let N = p q, and find e, d such that v Encryption v Encryption : v Decryption v Decryption : RSA plaintext ciphertext
  • Slide 40
  • 6/3/2015Gene