Transcript Link Encryption - Microsoft Personal Web Server

Link Encryption
What is Link Security?
Link security objectives by link encryption
In-line encryptor hardware
Point to point deployment
IP-routed development
Key Recovery
from Internet Cryptograph chapter 3
1
ISO/OSI Layer Review – 7 layers
International Standard Organisation/Open System Interconnection

The 7-layer is
shown on right.
 There are many
protocols in each
layer.
 For example, High
Level Data link
Control (HDLC) in
Data link layer
2
Internet Protocol – 5 layers

Internet protocol
reduces to five layers.
 Link Security refers
to the security
measure in data link
layer (ISO/OSI, layer
2) or Network
Interface (Internet
Protocol, layer 2)
3
Internet Cryptographic Protocols
Protocol
Purpose
CyberCash (5)
Electronic funds transactions
DNSSEC (5)
Domain Name System
IPSec (layer 3)
Packet-level encryption
PCT
TCP/IP level encryption
PGP (layer 5)
E-mail
S-HTTP (layer 5)
Web browsing
Secure RPC
Remote procedure calls
SET (layer 4)
Electronic funds transactions
SSL (layer 4)
TCP/IP level encryption
4
What is a protocol?


It means “The proper way of handling data transfer
between two parties. “
Assume two parties, Sender and Receiver are
sending message. Below is the proper procedure
inlcuding the error handling (in this case, retransmit)
5
What is link security protocol?

It is designed to hide secrets
(means, encrypt for you)
 It intends to protect data
against forgery (false data).
 It can simply fit into existing
Internet applications.
 In Data link layer (ISO/OSI
layer 2) or Network Interface
6
Security Objectives of link security (1)

Maintain confidentiality on an isolated
set of computers.



The computer contains sensitive data
and needs to exchange with others.
Use a simple but secure protocol
Purpose
Reason
Communications with outsiders is
unwanted and to be blocked

To prevent the data from happening
through accident, carelessness or overt
(公開) attempt.
7
Security Objectives (2)
 Hide
data traffic as much as
possible
 Shield
everything possible about
the data sent
Action
 Safety
and familiarity is more
important than cost
 Use
a well-established technique
that is simple to understand and
implement.
8
In-line Encryptor – must be a pair
 It
is a building block for link encryption.
 It is a hardware device (not a software)
 One port accepts plaintext, while the
other produce ciphertext. (vice versa)
In-line Encryptor
Plaintext
Ciphertext
iomega
Internet
9
Example of a pair of in-line encryptor
through the Internet, usually it is used through a leased line (from
PCCW)
10
In-line Encryptor (real products)

Code
encryptor
(a small device with
two network data
link connections.)

In-line
encryptor
11
Inside in-line encryptor
Send a message
of "Grade A to
Chan Tai Man"
uy78&454
Encrypt
Plaintext
interface
ciphertest
interface
Decrypt
No problem
In-line Encryptor
90iu^&
12
Features of in-line encryptor
 Separate
the plaintext and ciphertext
ports (that is why there are two ports)
 Use a stream cipher or block cipher
 In practice, a block cipher such as RC4
is used in commercial setting. (it uses
DES (data encryption standard
algorithm)
13
Link level Vulnerabilities
(means weakness)
There are a few attacks, Below are some of
them:
 Replay Attacks
 Rewrite Attacks
 Convert Signalling Attacks
14
Replay Attacks – resend a few times
 If
the message is an encrypted, why
should we care about replay?
 The reason is that:
 If
an outsider captures the encrypted
message and re-send it, he/she might
attack the system.
15
Example of Replay Attacks
Pay Chan Tai Man 1000
Send a message of
"pay Chan Tai Man 1000"
Pay Chan Tai Man 1000
Pay Chan Tai Man 1000
Genuine
$%&*(
Bob and his colleagues
Alice
$%&*(
Bogus
Copies
$%&*(
Play-it-agan
False
copies
16
Example of Replay Attacks - Explanation
 Alice
sends a message of “pay
Chan Tai Man” to Bob. She sends
one genuine (true) message.
 Play-it-again Sam captures the
encrypted message and re-sends
twice to Bob.
 Bob and his colleagues will then
pay Chan Tai Man three times.
 Of course, Sam will have certain
benefits of doing this.
17
How to solve this? – Replay attack
 Each
plaintext message must have an
extra information such as message
number.
2
data2
3
data3
 If the receiver receives a duplicated
message, it is discarded.
2
data2
2
data2
 This
will solve it in TCP/IP (layers 3 & 4).
It has this feature to solve this problem.
18
Rewrite Attacks
 If
an hacker knows the contents, he/she
can modify the encrypted message.
 Say for example, the encrypted
message of pay 1000 is 89^&oiu,
he/she can modify 89^&aiu by changing
o to a. The resulting plaintext message
is 9000. (This assumes that 89^&aiu will
produce 9000.)
19
Example of Rewrite
 Here,
the encrypted message is
modified via a switcher.
Send a message of
"pay Chan Tai Man 1000"
Pay Chan Tai Man 9000
Genuine
89^&oiu
$%&*(
89^&aiu
Bob and his colleagues
Alice
Switcher
20
How to resolve this? - rewrite
There are many methods. Below are some of them
1.
2.
3.
4.
Avoid products using other modes. Always
use block ciphers or Vernam techniques.
(crude rewrite attacks are still possible with
block mode.); or
Insert a random number into each packet,
include it in the packet checksum and
encrypt the resulting packet; or
Use Message Digest that you learnt in
lecture 4; or
Use digital signature to authenticate the
source of data. (the message is signed)
21
Convert Signaling Attacks
 The
attack is done by inserting a
subverted program (spy software) into
a host on the plaintext side of an
encryptor
 The program collects sensitive data and
then transmits it to the program outside
the security boundary.
22
Example – subverted program
Secuirty boundary
Internet
Collect
sensitive
data
23
Deployment – Point to point between
sender and receiver
Arrangement

This deployment uses a pair of trusted lines
between a pair of hosts.
 There is no need to connect to the Internet.
 For example, you can apply for a leased line
via Pacific Century Cyber Work (PCCW)
between two computers (example from
Central to Kowloon Tong). Now, it uses VPN,
a pair of encryptors through the Internet)
24
Point to point – Connection

Each host’s data link is connected to the plaintext
port of in-line encryptor. It is commonly used in
military applications.
Secuirty boundary
Protect
In-line Encryptor
pay
30
In-line Encryptor
76%7hui
iom ega
Plaintext
30
y
pa
iom ega
Unprotected
but unreadable
ciphertext message
Plaintext
25
Point to point limitation

It is hard to use as it limits between two in-line
encryptors. (between two points)
 You don’t have any choice on the encryption.
In-line Encryptor
iomega
In-line Encryptor
iomega
Plaintext
Plaintext
Encryption within this boundary
26
Deployment Example: Ip routed

Link encryption can also be applied to links
carrying IP traffic. (means network layer)
 This yields a flexible networking environment.
(any workstation in the network can access.)

For example, assume that there are two
networks that are connected by a pair of
routers.
 Any workstation, server etc can access the
remote networking components through the
leased line that is protected by the in-line
encryptors.
27
Ip routed network diagram (to any
host within the network) This arrangement is more
flexible
Plaintext
Mainframe
Network Server
Mainframe
Network Server
Winframe Server
Winframe Server
Plaintext
Network Cable
Ip Router
ac c
IP router
e ss
pat
h
Network Cable
Leased line
iom ega
In-line Encryptor
iom ega
ciphertext
In-line Encryptor
28
Site protection – Ip routed
 Given
in the previous slide, the
machines (server and workstations) are
within the protected boundary of the site.
 The in-line encryptors are used to
further to protect from unnecessary
physical access. (messages are
encrypted.)
29
Site Protection – Unsafe arrangement
 The
workstation out of physical
protection is unsafe.
Site Protection
Plaintext
Mainframe
Network Server
Mainframe
Network Server
Winframe Server
Winframe Server
Plaintext
Network Cable
Ip Router
ac c
IP router
e ss
pat
h
Network Cable
Leased line
iomega
In-line Encryptor
iomega
ciphertext
In-line Encryptor
Physical protection
unsafe, as authorised
people can use it
30
Key Recovery – how to get the key
 The
protection of in-line encryptors lies
in the key used.
 Key recovery means the keys that are
used to encrypt the data is recovered
by someone else without notice.
Send a message
of "Grade A to
Chan Tai Man"
uy78&454
Encrypt
Plaintext
interface
ciphertest
interface
Decrypt
No problem
In-line Encryptor
90iu^&
31
Escrowed Encryption
No need
to
memorise

Escrowed encryption is the system or method
by which secret keys are stored to be used
for key recovery.
 That is to say, the secret keys are held in
escrow (a separate organisation) until an
authorised person (FBI or CIA in US)
accesses it.
 There is no commercial value as the
encryption lasts for the transfer of data, but is
used by government to decrypt the encrypted
message (for anti-terrorism).
32
Example – sequence
no need to memorise

The FBI first stores the ciphertext and then
uses the family key (product of in-line
encryptor) to obtain the session key.
 Different manufacturer will produce different
family keys for their products
 FBI then approaches escrow agency to
obtain the sender’s key based on device ID.
 FBI then use the key to together with the
session key to decrypt the ciphertext.
33
Example – picture
Plaintext
Escrowed
Keyfrom
escrow agency
Decrypt
Device ID
Session key
Decrypt
Checksum
Checksum
Decrypt
family key
different
products
might have
different key
Ciphertext
Law enforcement
access field
34
Summary
Link Security – between two parties, layer 2
Link security objectives – extend the security
coverage
 In-line encryptor – a pair of devices, to
encrypt/decrypt message, there is no need to
configure, and no need to encrypt document,
it is done by the in-line encryptors.
 Point to point – there is a limitation of the use
of in-line encryptor, only to known location,
The solution is to extend by IP routed
 Key Recovery - less common in business,
but is required by U.S. law to recover
ciphertext for in-line encryptors


35
Next Week
IPSec (Security
at the IP Layer,
Layer 3)
In-line encryptor
This Week
36