Advanced Computer Networks

Advanced Computer Networks

Lecture 4

Security

1 Motivation• More vital/secret data handled by distributed components

within network systems and Internet.• Security: protecting data stored in and transferred between

distributed components from unauthorised access.• Insecurity effect: Confidential Data may be stolen, e.g.:

– corporate plans.– new product designs.– medical/financial records (e.g. Access bills…)

• Insecurity effect: Data may be altered, e.g.:– finances made to seem better than they are.– results of tests, e.g. on drugs, altered.– examination results amended (up or down).

1 Why are Distributed Systems Insecure?

• Distributed component rely on messages sent and received from network.

• Is network (especially WANs and wireless networks) secure?

• Is client component secure?• Is client component who it claims to be?• Are users of calling components really who they

claim to be?

1 Consequences of Insecurity

• Loss of confidence: above effects may reduce confidence in computerized systems.

• Claims for damages: legal developments may allow someone to sue if data on computer has not been guarded according to best practice.

• Loss of privacy: data legally stored on a computer may well be private to the person concerned (e.g. medical/personnel) record.

2 Security Threats• Categorization of attacks (and goals of attacks) that

may be made on system.• Three broad classes:

– leakage: information leaving system.– tampering: unauthorised information altering.– vandalism: disturbing correct system operation.

• Used to specify what the system is proof, or secure, against.

• Attacks: Passive and Active

2 Passive Attacks• Eavesdropping on transmissions

– Receive message copies without authority.• To obtain information• Release of message contents

– Outsider learns content of transmission• Traffic analysis

– By monitoring frequency and length of messages, even encrypted, nature of communication may be guessed

• Difficult to detect• Can be prevented

2 Active Attacks Masquerading: Pretending to be a different entity

without authority. Message tampering: Intercepting and altering

messages. Replaying: Storing messages and sending them later. Denial of service: Flooding server resources with

messages in order to deny other’s access. Hard to prevent Easy to detect

– Detection may lead to deterrent

3.1 Introduction

• Cryptography: encode message data so that it can only be understood by intended recipient.

• Romans used it in military communication.• Given knowledge of encryption algorithm, a brute

force attempt is to try every possible decoding until a valid message is produced.

• Computers are good at this!• Modern schemes must be computationally hard to

solve to remain secure.

3.2 Cryptographic Terminology

• Plain text: the message before encoding (by encryption).

• Cipher text: the message after encoding.• Key: information needed to convert from plain

text to cipher text (or vice-versa).• Function: the encryption or decryption algorithm

used, in conjunction with key, to encode or decode message.

• Key distribution service: trusted service which hands out keys.

3.3 Encryption

• Encrypting data prevents unauthorised access to the data (i.e. prevents eavesdropping).

• If encrypted data can only be encrypted with a matching key, this can be used to prove sender’s identity (i.e. prevents masquerading).

• Likewise, it can be used to ensure that only intended recipients can use the data.

• Two main ways: secret key and public key..

3.4 Secret Keys

• One key is used to both encrypt and decrypt data• Encryption and decryption functions are often

chosen to be the same type• Security should not be compromised by making

function well-known as security comes from secret keys

3.4 Enigma Encryption Machine

3.4 Using Secret Keys

• Sender and recipient exchange keys through some secure, trusted, non-network based means.

• Sender encodes message using encryption function and sends the message, knowing that only the holder of key (the intended recipient) can make sense of it.

• Recipient decodes message, and knows that only intended sender could generate it.

• Message can be captured but is of no use.

3.4 Simplified Model of Symmetric (Secret Key) Encryption

3.4 Secret Key Encryption Algorithms

• Historical cipher– Caesar Cipher– Monoalphabetic Cipher– Polyalphabetic Cipher

3.4.1 Caesar Cipher Each letter in plaintext is substituted with letter that is K

letters later Wrap around is allowed (i.e., z followed by letter a) If K = 3, a in plaintext becomes d in cipher text

b in plaintext becomes e in cipher text

—Exercise: “Dolfh, L oryh brx. Ere”—Once it is known that Caesar cipher is being used, it is easy to break the code (only 25 possible key values).

3.4.1 Attacking Caesar Cipher: Brute-Force

• Brute-Force attack is based on the making sense feature of the data by trying every possible key.

• Suppose that the cipher “mrsxocoexsfobcsdi” is the result of a Caesar shift cipher.

• Since the key space is {0, 1, …, 25}, then the possible plaintexts are: mrsxocoexsfobcsdi, nstypdpfytgpcdtej, otuzqeqgzuhqdeufk, puvarfrhavirefvgl, qvwbsgsibwjsfgwhm, rwxcthtjcxktghxin, sxyduiukdyluhiyjo, tyzevjvlezmvijzkp, uzafwkwmfanwjkalq, vabgxlxngboxklbmr, wbchymyohcpylmcns, xcdiznzpidqzmndot, ydejaoaqjeranoepu, zefkbpbrkfsbopfqv, afglcqcslgtcpqgrw, bghmdrdtmhudqrhsx, chineseuniversity, dijoftfvojwfstjuz, ejkpgugwpkxgtukva, fklqhvhxqlyhuvlwb, glmriwiyrmzivwmxc, hmnsjxjzsnajwxnyd, inotkykatobkxyoze, jopulzlbupclyzpaf, kpqvmamcvqdmzaqbg, lqrwnbndwrenabrch

3.4.2 Monoalphabetic Cipher Improvement on Caesar Cipher Rather than substituting according to a regular pattern

– any letter can be substituted for any other letter, as long as each letter has a unique substitute letter, and vice versa.

Example of a monoalphabetic cipher Plain Text: a b c d e f g h i j k l m n o p q r s t u v w x y z Cipher Text: m n b v c x z a s d f g h j k l p o i u y t r e w q

Complexity: – _______ Possible pairings of letters – so breaking code is

not as easy as in the case of Caesar cipher.26!

3.4.2 Cryptanalysis: Simple Example

• Mono-alphabetic substitution ciphers can be broken by simple frequency analysis

• The relative frequency of letters in English text is distinct (shown in table)

• Ciphertext frequencies can be used to guess plaintext letters

Letter: a b c d e f g h i j k l m

Frequency: 7 1 3 4 13 3 2 3 8 <1 <1 4 3

Letter: n o p q r s t u v w x y z

Frequency: 8 7 3 <1 8 6 9 3 1 1 <1 2 <1

3.4.2 Cryptanalysis

• It is the art and science of breaking ciphers, ciphertexts, or keys.

• Brute-force: A cryptanalysis where all possible keys are tested, and then the result possible plaintext are analyzed.

• Statistical analysis: single-letter appearance frequency; “q” is mostly followed by “u”; multi-letter frequency.

• Known plaintext-ciphertext combination.

3.4.3 Polyalphabetic Encryption• Use multiple monoalphabetic/Caesar ciphers• Use a specific monoalphabetic/Caesar cipher to encode

a letter in a specific position in the plain text message• This implies that same letter appearing in different

positions in the plaintext might be encoded differently.

Example: 2 Caesar ciphers; K = 5, K = 19For every 5 bits in the plain text use the 2 Caesar ciphers

in the following pattern: C1, C2, C2, C1, C2

3.4.3 Example: Vigenere Cipher

• In the Vigenere cipher, the character in the ciphertext is chosen from a two-dimensional table (26 x 26), in which each row is a permutation of 26 characters (A to Z).