CS 5950/6030 Network Security Class 4 (F, 9/9/05) Leszek Lilien Department of Computer Science Western Michigan University [Using some slides prepared by: Prof. Aaron Striegel, U. of Notre Dame Prof. Barbara Endicott-Popovsky, U. Washington, and Prof. Deborah Frincke, U. Idaho]
28
Embed
CS 5950/6030 Network Security Class 4 ( F , 9/ 9 /05)
CS 5950/6030 Network Security Class 4 ( F , 9/ 9 /05). Leszek Lilien Department of Computer Science Western Michigan University [Using some slides prepared by: Prof. Aaron Striegel, U. of Notre Dame Prof. Barbara Endicott-Popovsky , U. Washington, and Prof. Deborah Frincke , U. Idaho]. - PowerPoint PPT Presentation
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
CS 5950/6030 Network SecurityClass 4 (F, 9/9/05)
Leszek LilienDepartment of Computer Science
Western Michigan University
[Using some slides prepared by:Prof. Aaron Striegel, U. of Notre Dame
Prof. Barbara Endicott-Popovsky, U. Washington, and Prof. Deborah Frincke, U. Idaho]
2
1.2. Survey of Students’ Backgroundand Experience (1)
Background SurveyCS 5950/6030 Network Security - Fall 2005
Please print all your answers.First name: __________________________ Last name: _____________________________Email _____________________________________________________________________Undergrad./Year ________ OR: Grad./Year or Status (e.g., Ph.D. student) ________________Major _____________________________________________________________________
PART 1. Background and Experience1-1) Please rate your knowledge in the following areas (0 = None, 5 = Excellent).
As people and systems, as well as their goals, change
13
A.5) Controls: Physical Controls
Walls, locks Guards, security cameras Backup copies and archives Cables an locks (e.g., for notebooks) Natural and man-made disaster
protection Fire, flood, and earthquake protection Accident and terrorism protection
...
14
B) Effectiveness of Controls
Awareness of problem People convined of the need for these controls
Likelihood of use Too complex/intrusive security tools are often
disabled Overlapping controls
>1 control for a given vulnerability To provide layered defense – the next layer
compensates for a failure of the previous layer Periodic reviews
A given control usually becomess less effective with time
Need to replace ineffective/inefficient controls with better ones
15
1.3.8. Principles of Computer Security
Principle of Easiest Penetration (p.5)An intruder must be expected to use any available means of penetration.The penetration may not necessarily be by the most obvious means, nor is it necessarily the one against which the most solid defense has been installed.
Principle of Adequate Protection (p.16)Computer items must be protected to a degree consistent with their value and only until they lose their value.
[modified by LL]
16
Principle of Effectiveness (p.26)Controls must be used—and used properly—to be effective.They must be efficient, easy to use, and appropriate.
Principle of Weakest Link (p.27)Security can be no stronger than its weakest link. Whether it is the power supply that powers the firewall or the operating system under the security application or the human, who plans, implements, and administers controls, a failure of any control can lead to a security failure.
1.2. Survey of Students’ Background and Experience
1.3. Introduction to Security Examples – Security in Practice What is „Security?”
18
Section 2 Outline
2. Cryptology2.1. Threats to Messages2.2. Basic Terminology and Notation2.3. Requirements for Crypto Protocols ...
19
2.1. Threats to Messages
Interception Interruption
Blocking msgs Modification Fabrication
“A threat is blocked by control of a vulnerability” [Pfleeger & Pfleeger]
[cf. B. Endicott-Popovsky, U. Washington]
20
2.2. Basic Terminology & Notation
Cryptology: cryptography + cryptanalysis
Cryptography: art/science of keeping message secure
Cryptanalys: art/science of breaking ciphertext
Enigma in WW2 Read the real story – not fabrications!
21
Basic Cryptographic Scheme
plaintext ciphertext
original plaintext
ENCRYPTION
ENCODING
ENCIPHERING
E
DECRYPTION
DECODING
DECIPHERING
D
P C P
P = <p1, p2, ..., pn> pi = i-th char of P
P = „DO NOT TELL ANYBODY” p1 = „D”, p2 = „O”, etc.
By convention, cleartext in uppercase C = <c1, c2, ..., cn> ci = i-th char of C
C = „ep opu ufmm bozcpez” c1 = „e”, c2 = „p”, etc.
By convention, ciphertext in lowercase
22
Benefits of Cryptography
Improvement not a Solution! Minimizes problems Doesn’t solve them
Remember: There is no solution!
Adds an envelope (encoding) to an open postcard (cleartext)
[cf. D. Frincke, U. of Idaho]
23
Formal Notation
C = E(P) E – encryption rule/algorithm
P = D(C) D – decryption rule/algorithm
We need a cryptosystem, where: P = D(C)= D(E(P))
i.e., able to get the original message back
plaintext ciphertextoriginal
plaintextENCRYPTION
ENCODING
ENCIPHERING
E
DECRYPTION
DECODING
DECIPHERING
D
P C P
24
Cryptography in Practice
plaintext
P
ciphertext
ENCRYPTION
ENCODING
ENCIPHERING
E
C
hostile environmen
t
ciphertext
original plaintext
DECRYPTION
DECODING
DECIPHERING
D
C P
hostile environmen
t
Sending a secure message
Receiving a secure message
25
Crypto System with Keys
C = E(KE, P) E = set of encryption algorithms / KE selects Ei E
P = D(KD, C) D = set of decryption algorithms / KD selects Dj D
Crypto algorithms and keys like door locks and keys (p.37)
W need: P = D(KD, E(KE, P))
E DP C P
EncryptionKey
Decryption Key
KE KD
26
Cryptosystems w.r.t. Keys
Keyless cryptosystems exist (e.g., Caesar’s cipher - below) Less secure
Symmetric cryptosystems: KE = KD (p.38)
Classic Encipher and decipher using the same key
Or one key is easily derived from other
Asymmetric cryptosystems: KE ≠ KD (revious slide)
Public key system Encipher and decipher using different keys
Computationally infeasible to derive one from other [cf. B. Endicott-Popovsky, U. Washington]
27
2.3. Requirements for Crypto Protocols
Messages should get to destination Only the recipient should get it Only the recipient should see it Proof of the sender’s identity Message shouldn’t be corrupted in transit Message should be sent/received once
Proofs that message was sent/received (non-repudiation)