Network Security Goals Confidentiality or Privacy


In the name of God, the Most Gracious, the Most Merciful
NETWORK SECURITY
Done By:
Saad Al-Shahrani
Saeed Al-Smazarkah
May 2006

Network Security Goals

• Confidentiality or Privacy: Only sender, intended receiver should “understand” message contents
   o Sender encrypts message
   o Receiver decrypts message
• Authentication: Sender, receiver want to confirm identity of each other
• Integrity: Sender, receiver want to ensure messages are not altered during transmission without detection
• Access and Availability: Services must be accessible and available to users

People want to communicate securely

• Eve (intruder/eavesdropper): may intercept, delete, add messages

There are Eavesdroppers out there!

Q: What can an eavesdropper do?
A: A lot!
   o Observing and recording information
   o Unauthorized access to a server
   o Denial of service: prevent service from being used by others (e.g. by flooding a server with requests)
   o Impersonating a legitimate server
   o Hijacking: “take over” ongoing connection by removing sender or receiver, inserting himself in place

Network Security: Agenda

• Main weapon: cryptography
   o Confidentiality (encryption)
   o Message authentication
   o Signatures and Certificates
• Internet Threats, Attacks and Defenses
   o Secure request/response protocols
   o Secure connection ‘tunnels’
   o Denial of Service attacks
   o Firewalls

Encryption Protects Confidentiality

• Secret Key crypto: Shared secret key (K_{E,B} = K_{D,B})
• Public key crypto: A user has a public encryption key K_{E,B} and a matching private decryption key K_{D,B}

Secret Key Crypto

• Two operations (“encrypt”, “decrypt”) which are inverses of each other. Like multiplication/division
• One parameter (“the key”)
• Even the person who designed the algorithm can’t break it without the key
• Ideally, a different key for each pair of users

Secret key crypto

• encrypt = f(K, plaintext) = ciphertext
• decrypt = f(K, ciphertext) = plaintext
• authentication: send f(K, challenge)
• integrity check: f(K, msg) = X
• verify integrity check: f(K, X, msg)

Public Key Crypto

• Two keys per user, keys are inverses of each other
• Public key “BPub” you tell to the world
• Private key “BPriv” you keep private
• Yes it’s magic. Why can’t you derive “BPriv” from “BPub”?
• And if it’s hard, where did (BPub, BPriv) come from?

Encryption and Integrity

• Encryption hides the message from eavesdropper
• Question: can eavesdropper change message?
   o Or: does encryption ensure message integrity?
• With Public Key Encryption:
   o Eve can replace E_{BPub}(m) with fake: E_{BPub}(m’)
• With Secret (shared) Key Encryption:
   o This seems harder to do
   o But given c = m ⊕ k, attacker can send c ⊕ mask, to invert any bit in decrypted message (use mask)
• Encryption does not ensure integrity!
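
The secret-key case above, worked through as an added example (not part of the original slides): a mask applied to the ciphertext inverts the same bit of the decrypted message, and an integrity check f(K, msg) over the ciphertext detects the change. The SHA-256 counter keystream, the sample message and all function names are assumptions made for illustration; HMAC-SHA256 stands in for the integrity check.

```python
import hashlib
import hmac
import secrets

def keystream(key: bytes, n: int) -> bytes:
    """Toy keystream (SHA-256 over key||counter), standing in for a stream cipher."""
    blocks = (hashlib.sha256(key + i.to_bytes(8, "big")).digest()
              for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def encrypt(key: bytes, m: bytes) -> bytes:
    """c = m XOR k; decryption is the same operation."""
    return xor(m, keystream(key, len(m)))

def make_tag(mac_key: bytes, c: bytes) -> bytes:
    """Integrity check X = f(K, msg), here HMAC-SHA256 over the ciphertext."""
    return hmac.new(mac_key, c, hashlib.sha256).digest()

def check_tag(mac_key: bytes, c: bytes, tag: bytes) -> bool:
    """Verify f(K, X, msg) with a constant-time comparison."""
    return hmac.compare_digest(make_tag(mac_key, c), tag)

def demo():
    enc_key, mac_key = secrets.token_bytes(16), secrets.token_bytes(16)
    m = b"PAY 0100 TO SAAD"                 # constructed sample message
    c = encrypt(enc_key, m)
    tag = make_tag(mac_key, c)
    # Mask with a single bit set at byte 4: no key is needed to apply it.
    mask = bytes([0, 0, 0, 0, 0x01]) + bytes(len(m) - 5)
    altered = xor(c, mask)
    received = encrypt(enc_key, altered)    # receiver decrypts the altered ciphertext
    return received, check_tag(mac_key, c, tag), check_tag(mac_key, altered, tag)

if __name__ == "__main__":
    print(demo())
```

Decryption alone succeeds on the altered ciphertext and yields a different amount; only the tag check rejects it, so the receiver must verify the tag before using the plaintext.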

Public Key vs. Secret Key

• In terms of capabilities, public key is more powerful.
• Public key provides digital signature.
• Secret key is much faster than public key

Public Key Digital Signatures: concept

• One of the best features of public key
• An integrity check
   o calculated as f(priv key, data)
   o verified as f(public key, data, signature)
• Verifiers don’t need to know secret key
• RSA can be used for digital signature scheme

Popular Secret Key Algorithms

• DES: old standard, 56-bit key, slow
• 3DES: fixes key size but 3 times as slow
• RC4: variable length key, “stream cipher” (generate stream from key, XOR with data)
• AES: replacement for DES, will probably take over

Popular Public Key Algorithms

• RSA: public key operations can be made very fast, but private key operations will be slow.
• ECC (elliptic curve crypto): smaller keys, so faster than RSA (but not for public key ops).

Key Distribution Problem

Secret Key Problem:
• How do two entities establish shared secret key over the network?
Solution:
• Trusted key distribution center (KDC) acting as intermediary between entities
• KDC needs shared key with each entity.

Public Key Problem:
• When Saad obtains Saeed’s public key (from web site, e-mail, diskette), how does he know it is Saeed’s public key, not eavesdropper’s?
Solution:
• Trusted certification authority (CA)

Key Distribution - Secret Keys

• Could configure n^2 keys
• Makes the systems unfeasible for large-scale use
• Instead use Key Distribution Center (KDC)
   o Every user has a secret key shared with KDC
   o The KDC knows all the users
   o The KDC assigns a key to any pair who need to talk

Key Distribution - Public Keys

• Certification Authority (CA) signs “Certificates”
• Certificate = a signed message saying “I, the CA, vouch that 489024729 is Saad’s public key”
• If everyone has a certificate, a private key, and the CA’s public key, they can authenticate

Key Distribution - Public Keys

[Figure: Saad and Saeed exchange the CA-signed certificates [“Saad”, key=342872]CA and [“Saeed”, key=8294781]CA, then proceed with auth, encryption, etc.]

Denial Of Service Attack

• Attacker tries to exhaust resources of host/server/router/user
• Resources include:
   o Computation (CPU time)
   o Storage (e.g. for state of requests/connections)
   o Open TCP connections
      - Limited (10s to several thousand connections, depending on hardware, operating system)
      - SYN flooding DOS attack: attacker sends ‘SYN’ flow (open connection); server waits

SYN flooding DOS attack

• Attacker sends many SYN requests (using different spoofed client IP address), no ACK
• Uses up server’s capacity for open connections

Firewalls

• Firewall: A secure machine (or program), isolating organization’s internal net from larger Internet (or another net), allowing some packets to pass, blocking others

Packet Filtering

• Internal network connected to Internet via Router Firewall (packet filtering)
• Router filters packet-by-packet, decision to forward/drop packet based on:
   o Source IP address, destination IP address
   o TCP/UDP source and destination port numbers
   o TCP SYN and ACK bit (identify client vs. server)
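
A packet-by-packet filter using exactly the three criteria listed above, as an added example (not part of the original slides). The address ranges, allowed ports, web server address and all names in the code are constructed assumptions for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Constructed policy values (documentation address ranges), not from the slides.
INTERNAL = ip_network("192.0.2.0/24")
ALLOWED_OUT_PORTS = {80, 443}          # services inside clients may reach
WEB_SERVER = ("192.0.2.80", 80)        # the one internal service open to outside

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    syn: bool
    ack: bool

def decide(p: Packet) -> str:
    """Stateless forward/drop decision from addresses, ports and SYN/ACK bits."""
    src_in = ip_address(p.src) in INTERNAL
    dst_in = ip_address(p.dst) in INTERNAL
    if src_in and not dst_in:                           # outbound
        if p.dport in ALLOWED_OUT_PORTS:
            return "forward"                            # inside client to allowed service
        if p.ack and (p.src, p.sport) == WEB_SERVER:
            return "forward"                            # web server answering a client
        return "drop"
    if dst_in and not src_in:                           # inbound
        if (p.dst, p.dport) == WEB_SERVER:
            return "forward"                            # outside client to public server
        if p.ack and p.sport in ALLOWED_OUT_PORTS:
            return "forward"                            # reply to an inside client
        return "drop"                                   # SYN without ACK: outside opening
    return "drop"                                       # internal source crossing the router, or transit

SAMPLES = [                                             # constructed sample packets
    Packet("192.0.2.10", 50000, "198.51.100.5", 443, True, False),
    Packet("198.51.100.5", 443, "192.0.2.10", 50000, True, True),
    Packet("203.0.113.9", 443, "192.0.2.10", 22, True, False),
    Packet("203.0.113.9", 40001, "192.0.2.80", 80, True, False),
    Packet("192.0.2.80", 80, "203.0.113.9", 40001, True, True),
    Packet("192.0.2.10", 50001, "198.51.100.5", 23, True, False),
    Packet("192.0.2.77", 40002, "192.0.2.10", 22, True, False),
]

def run_samples():
    return [decide(p) for p in SAMPLES]
```

The ACK bit is set by the sender, so a stateless filter like this one takes the bit on trust rather than checking that a matching connection was ever opened.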