Network Security Lecture 10:
Computer Networks, Fall 2015
Security properties
‣ Confidentiality
- only the sender and the receiver understand the contents of the message
‣ Authenticity
- the message is from whom it claims to be
‣ Integrity
- the message was not changed along the way
Outline
‣ Building blocks
‣ Providing security properties
‣ Securing Internet protocols
‣ Operational security
Encryption & decryption
[Figure: Alice's plaintext (“Dear Bob, ...”) goes through the encryption algorithm, the ciphertext (“daghj2$%@^”) crosses the communication channel, and Bob's decryption algorithm recovers the plaintext (“Dear Bob, ...”).]
‣ Encryption algorithm: input: plaintext, output: ciphertext
‣ Decryption algorithm: input: ciphertext, output: plaintext
‣ Ciphertext: ideally, should reveal no information about the message
Symmetric key cryptography
[Figure: Alice and Bob hold the same key, which feeds both the encryption algorithm and the decryption algorithm: key{ key{ plaintext } } = plaintext.]
‣ Alice and Bob share the same key
- used both for the encryption and decryption algorithm
‣ Used to “scramble” the plaintext
- RC4, AES, Blowfish
‣ Challenge: how to share a key?
- out of band
- not always an option
Asymmetric key cryptography
[Figure: Alice's encryption algorithm uses key+ and Bob's decryption algorithm uses key-: key-{ key+{ plaintext } } = plaintext.]
‣ Alice and Bob use different keys
- public (key+) and private (key-) key
‣ There is a special relationship between them
- key-{ key+{ plaintext } } = plaintext
- key+{ key-{ plaintext } } = plaintext
- RSA, DSA
‣ Challenge: computationally expensive
- sophisticated encryption/decryption algorithms based on number theory
Cryptographic hash function
[Figure: the message “Dear Bob, ... Cheers, Alice” goes through the hash function, which outputs the hash “tru46hj#$%”.]
[Figure: three different messages (signed Alice, Celine and Dabir) go through a hash function whose output is “Dear Bob,”.]
[Figure: a longer message signed Alice goes through the hash function; hash “tru46hj#$%”?]
‣ Maps larger input to smaller hash
‣ Hash should not reveal information on input
‣ Should be hard to identify 2 inputs that lead to the same hash
Building blocks
‣ Symmetric key encryption/decryption
- Alice and Bob share the same key
- challenge: exchanging the key
‣ Asymmetric key encryption/decryption
- Alice and Bob use different keys
- challenge: computationally expensive
‣ Cryptographic hash function
- produces a hash of the original message
- that’s different from encryption
Providing confidentiality
[Figure: Alice and Bob share a key; Eve sees only the ciphertext on the channel.]
[Figure: Alice encrypts with Bob_key+ and Bob decrypts with Bob_key-.]
[Figure: man in the middle. Manuel sits between Alice and Bob: Alice's ciphertext is decrypted with Manuel_key- (it was encrypted with Manuel_key+), then re-encrypted with Bob_key+ and decrypted by Bob with Bob_key-.]
‣ With symmetric key crypto
- Alice encrypts message with shared key
- only Bob can decrypt it
‣ With asymmetric key crypto
- Alice encrypts message with Bob’s public key
- only Bob can decrypt it (with his private key)
- but beware of man-in-the-middle attacks
Providing authenticity
[Figure: Bob, Alice and Persa.]
[Figure: with the shared key, Alice produces key{ I am Alice } = hjdfk678vnx; for Persa, key{ I am Alice } != hgdja54637452.]
[Figure: Alice sends hash{ key | I am Alice } = 46873astubv, a Message Authentication Code (MAC).]
[Figure: for Alice, Alice_key+{ 687retwyw } = I am Alice; for Persa, Alice_key+{ ghdj67d%^& } != I am Alice. This is a digital signature.]
‣ With symmetric key crypto
- Alice appends hash of message + shared key
- Bob verifies that it is correct (using shared key)
‣ With asymmetric key crypto
- Alice encrypts hash of message with her private key, appends to unencrypted message
- Bob verifies that it is correct (using Alice’s public key)
‣ Nonce for avoiding replay attacks
- Bob sends Alice a nonce (random number)
- Alice appends hash of message + shared key + nonce
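The nonce exchange above as a runnable sketch (an added example, not part of the original slides). It uses HMAC-SHA256 in place of the slide's plain hash of message + shared key + nonce; the key value and the names `make_tag`, `Verifier` and `demo` are made up for illustration.

```python
import hashlib
import hmac
import secrets

SHARED_KEY = b"constructed-demo-key"  # assumption: agreed out of band


def make_tag(key: bytes, nonce: bytes, message: bytes) -> bytes:
    """Alice: MAC over nonce + message (HMAC, not a bare hash of key | data)."""
    # Length-prefix the nonce so the nonce/message boundary is unambiguous.
    data = len(nonce).to_bytes(2, "big") + nonce + message
    return hmac.new(key, data, hashlib.sha256).digest()


class Verifier:
    """Bob: hands out nonces and accepts each one at most once."""

    def __init__(self, key: bytes):
        self.key = key
        self.outstanding = set()

    def challenge(self) -> bytes:
        nonce = secrets.token_bytes(16)
        self.outstanding.add(nonce)
        return nonce

    def verify(self, nonce: bytes, message: bytes, tag: bytes) -> bool:
        if nonce not in self.outstanding:
            return False  # never issued, or already used: a replay
        self.outstanding.remove(nonce)  # single use, even if the check fails
        expected = make_tag(self.key, nonce, message)
        return hmac.compare_digest(expected, tag)  # constant-time compare


def demo() -> dict:
    bob, msg = Verifier(SHARED_KEY), b"I am Alice"
    n1 = bob.challenge()
    tag = make_tag(SHARED_KEY, n1, msg)
    results = {"first": bob.verify(n1, msg, tag)}
    results["replay"] = bob.verify(n1, msg, tag)              # same capture resent
    results["stale"] = bob.verify(bob.challenge(), msg, tag)  # old tag, new nonce
    n3 = bob.challenge()
    results["wrong_key"] = bob.verify(n3, msg, make_tag(b"not the key", n3, msg))
    return results


if __name__ == "__main__":
    print(demo())
```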
Providing integrity
‣ With the same mechanisms that provide authenticity
Man in the middle
[Figure: the man-in-the-middle diagram again: Manuel sits between Alice and Bob, holding Manuel_key+ and Manuel_key-, and re-encrypts for Bob with Bob_key+.]
Public key certification
‣ Trusted certificate authority (CA) digitally signs that key+ is Bob’s public key
- using the CA’s private key
‣ CA’s public key is obtained out of band
- web browsers pre-configured with CA public keys
Securing email (confidentiality)
[Figure: Alice sends shared_key{ message } + Bob_key+{ shared_key }.]
[Figure: Bob recovers shared_key with Bob_key-{ }, then recovers the message with shared_key{ }.]
Securing email (auth & integrity)
[Figure: Alice sends message + Alice_key-{ hash{ message } }.]
[Figure: Bob applies Alice_key+{ } to the received Alice_key-{ hash{ message } } and compares the result with hash{ message } computed over the received message.]
Securing email
[Figure: Alice combines both: shared_key{ message + Alice_key-{ hash{ message } } } + Bob_key+{ shared_key }.]
Securing TCP
[Figure: Alice and an online store.]
‣ Server sends its certificate
- includes its public key
‣ Client creates and sends a shared master key
- encrypts it with server’s public key
‣ Both use master key to create 4 session keys
- 1 key for encrypting client --> server data
- 1 key for creating MAC for client --> server data
- same for server --> client data
‣ Client organizes data in records
- each record has a sequence number
‣ Creates MAC for each record + sequence #
- using one of the 4 session keys
‣ Encrypts the data + MAC for each record
- using (another) one of the 4 session keys
Securing IP
[Figure: Alice's IP packet travels to Bob as key1{ IP packet }, hash{ key2, key1{ IP packet } }; the IP packet is recovered on Bob's side.]
‣ 2 IP routers establish a “secure tunnel”
- usually between branch offices of a company
‣ Source encrypts each IP packet
- using a shared key
‣ Source creates MAC for encrypted IP packet
- using another shared key
Key ideas
‣ Combination of symmetric/asymmetric keys
- asymmetric key crypto to exchange shared keys
- symmetric key crypto for confidentiality, authenticity, & integrity
- symmetric key crypto is faster
‣ Seq. numbers to avoid reordering attacks
- organize data in records with seq. numbers
- compute MAC on record data + seq. number
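The record scheme from the Securing TCP slides and the sequence-number point above, as an added example (not part of the original slides). It shows only the MAC step and leaves out record encryption; the key value, the names `seal`, `Receiver` and `deliver`, and the choice to keep the sequence number as a counter on each side rather than send it are assumptions of this sketch.

```python
import hashlib
import hmac

MAC_KEY = b"constructed client-to-server MAC key"  # assumption: 1 of the 4 session keys
TAG_LEN = hashlib.sha256().digest_size


def record_mac(key: bytes, seq: int, data: bytes) -> bytes:
    """MAC over the 8-byte sequence number followed by the record data."""
    return hmac.new(key, seq.to_bytes(8, "big") + data, hashlib.sha256).digest()


def seal(key: bytes, seq: int, data: bytes) -> bytes:
    """Sender: append the MAC; the sequence number itself is not transmitted."""
    return data + record_mac(key, seq, data)


class Receiver:
    """Keeps its own counter, so a record only verifies in its own position."""

    def __init__(self, key: bytes):
        self.key, self.next_seq = key, 0

    def open(self, record: bytes) -> bytes:
        if len(record) < TAG_LEN:
            raise ValueError("record too short")
        data, tag = record[:-TAG_LEN], record[-TAG_LEN:]
        if not hmac.compare_digest(record_mac(self.key, self.next_seq, data), tag):
            raise ValueError(f"bad MAC at position {self.next_seq}")
        self.next_seq += 1
        return data


def deliver(records):
    """Feed records to a fresh receiver; return (accepted data, error or None)."""
    rx, accepted = Receiver(MAC_KEY), []
    try:
        for rec in records:
            accepted.append(rx.open(rec))
    except ValueError as err:
        return accepted, str(err)
    return accepted, None


# Constructed sample stream of three records.
STREAM = [seal(MAC_KEY, i, d) for i, d in enumerate([b"pay", b"10", b"to Bob"])]
```

Reordered, dropped, duplicated or modified records all fail at the first position where the receiver's counter and the MAC disagree, and everything after that point is rejected.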
Firewalls
action  src IP     dst IP     proto  src port  dst port  flag
allow   167.67/16  any        TCP    > 1023    80        all
allow   any        167.67/16  TCP    80        > 1023    ACK
deny    all        all        all    all       all       all
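How a packet filter evaluates the rule table above, first match wins (an added example, not part of the original slides). The function `decide`, the expansion of 167.67/16 to 167.67.0.0/16, and the sample addresses in `CASES` are constructed for illustration.

```python
import ipaddress

INSIDE = ipaddress.ip_network("167.67.0.0/16")
ANY_NET = ipaddress.ip_network("0.0.0.0/0")
ANY_PORT = range(0, 65536)
HIGH = range(1024, 65536)  # "> 1023"
WEB = range(80, 81)

# (action, src net, dst net, proto, src ports, dst ports, required flag)
# None means "all" for the proto and flag columns.
RULES = [
    ("allow", INSIDE, ANY_NET, "TCP", HIGH, WEB, None),
    ("allow", ANY_NET, INSIDE, "TCP", WEB, HIGH, "ACK"),
    ("deny", ANY_NET, ANY_NET, None, ANY_PORT, ANY_PORT, None),
]


def decide(src, dst, proto, sport, dport, flags=frozenset()):
    """Return (action, rule number) of the first rule matching the packet."""
    for n, (action, snet, dnet, rproto, sports, dports, flag) in enumerate(RULES, 1):
        if (ipaddress.ip_address(src) in snet
                and ipaddress.ip_address(dst) in dnet
                and rproto in (None, proto)
                and sport in sports and dport in dports
                and (flag is None or flag in flags)):
            return action, n
    return "deny", 0  # not reached with a catch-all rule; fail closed anyway


# Constructed sample packets: (description, packet fields)
CASES = [
    ("inside client opens web connection",
     ("167.67.10.5", "198.51.100.7", "TCP", 40000, 80, {"SYN"})),
    ("web server replies",
     ("198.51.100.7", "167.67.10.5", "TCP", 80, 40000, {"SYN", "ACK"})),
    ("outside host opens connection from port 80",
     ("198.51.100.7", "167.67.10.5", "TCP", 80, 40000, {"SYN"})),
    ("outside host to inside web server",
     ("198.51.100.7", "167.67.10.5", "TCP", 40000, 80, {"SYN"})),
    ("bare ACK from outside, no connection tracked",
     ("198.51.100.7", "167.67.10.5", "TCP", 80, 40000, {"ACK"})),
]

if __name__ == "__main__":
    for label, pkt in CASES:
        print(f"{label}: {decide(*pkt)}")
```

The last case is allowed by rule 2 because the table is stateless: it checks the ACK bit, not whether a matching connection exists.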