CSCE 790: Computer Network Security - CSE

CSCE 715: Network Systems Security
Chin-Tser Huang
[email protected]
University of South Carolina

Network Security Designs

After discussion of cryptographic tools, we turn to look at various network security designs at different layers in protocol stack
  Link layer – secure address resolution
  Network layer – IPsec, hop integrity
  Transport layer – SSL/TLS
  Application layer – Kerberos, X.509 certificate, firewall design
02/18/2009
2
Ethernet

Most widely used LAN technology
Low cost and high flexibility
Versions of different speed: 10Mbps, 100Mbps, Gigabit
Use globally unique media access control (MAC) address (hardware address) for every interface card
Use of Hardware Address

Need an address to send a message to receiver on same Ethernet
IP address is not usable because the data link does not recognize IP address
Use hardware address to identify receiver’s interface
Need to resolve receiver’s hardware address from receiver’s IP address
Address Resolution Protocol

ARP maps each IP address to corresponding hardware address in subnetwork
For computer i to get hardware address of computer j, i broadcasts a rqst message with IP address of j to the subnetwork
[Figure: computers i and j, switch, default router r, Internet; i sends rqst(ipa.j)]
Address Resolution

If j sees a rqst message from i with its IP address, j sends a rply message with its IP address and hardware address to i
[Figure: computers i and j, switch, default router r, Internet; j sends rply(ipa.j,hda.j)]
Functions of ARP

Three functions of ARP
  Resolving IP addresses
  Supporting dynamic assignment of addresses
  Detecting destination failures
ARP Spoofing Attack

To stop traffic from i to j, an adversary sends to i a spoofed rply message with IP address of j and a non-existent hardware address
[Figure: computers i and j, adversary A, switch, default router r, Internet; A sends rply(ipa.j,hda.x)]
Another ARP Spoofing Attack

To stop traffic from i to default router r, an adversary sends to i a spoofed rply message with IP address of r and its own hardware address
[Figure: computers i and j, adversary A, switch, default router r, Internet; A sends rply(ipa.r,hda.A)]
Countering ARP Spoofing Attacks

Proposed solutions include ARPWATCH and static ARP caches
  ARPWATCH monitors transmission of rqst and rply messages over Ethernet and checks them against a database of (IP addr, hardware addr) pairings
  Static ARP cache stores permanent (IP addr, hardware addr) pairings of trusted hosts to avoid sending rqst and rply messages over Ethernet
Insufficiencies of Proposed Solutions

ARPWATCH does not support dynamic assignment of IP addresses
Static ARP caches do not support dynamic assignment of IP addresses and detection of destination failures
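
Added example (not part of the original slides, and not arpwatch's own code): the pairing check described for ARPWATCH, run over a constructed capture in tcpdump's ARP output style. The addresses, KNOWN and check_replies are assumptions; the third alert is a legitimate dynamic reassignment, which the check cannot tell apart from the two spoofed replies.

```python
import re

# Constructed capture (documentation address ranges), tcpdump-style ARP lines.
# 192.0.2.1 plays default router r, 192.0.2.20 plays j, and 192.0.2.30 is a
# dynamically assigned address that has legitimately moved to another machine.
CAPTURE = """\
10:00:01.000000 ARP, Reply 192.0.2.1 is-at 00:00:5e:00:53:01, length 28
10:00:07.000000 ARP, Reply 192.0.2.1 is-at 00:00:5e:00:53:aa, length 28
10:00:09.000000 ARP, Reply 192.0.2.20 is-at 00:00:5e:00:53:ff, length 28
10:00:15.000000 ARP, Reply 192.0.2.30 is-at 00:00:5e:00:53:31, length 28
"""

# Database of trusted (IP addr, hardware addr) pairings.
KNOWN = {
    "192.0.2.1": "00:00:5e:00:53:01",
    "192.0.2.20": "00:00:5e:00:53:20",
    "192.0.2.30": "00:00:5e:00:53:30",
}

REPLY = re.compile(r"ARP, Reply (\S+) is-at ((?:[0-9a-f]{2}:){5}[0-9a-f]{2})")


def check_replies(capture, known):
    """Return an alert for every rply that disagrees with the database."""
    db, alerts = dict(known), []
    for line in capture.splitlines():
        m = REPLY.search(line)
        if m is None:
            continue
        ipa, hda = m.groups()
        if ipa not in db:
            db[ipa] = hda  # first sighting: learn the pairing
            alerts.append(("new pairing", ipa, hda))
        elif db[ipa] != hda:
            # Trusted pairing is kept; the reply is only reported.
            alerts.append(("pairing changed", ipa, hda))
    return alerts


if __name__ == "__main__":
    for alert in check_replies(CAPTURE, KNOWN):
        print(alert)
```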
Need for Secure Address Resolution

When a computer receives a message m, it needs to determine whether m was indeed sent by claimed source, or was inserted, modified, or replayed by an adversary
Use secure address resolution protocol between each computer and a secure address resolution server
Architecture of Secure Address Resolution Protocol

[Figure: computer h[i] and server s, each with an Applications / Transport / Network / Subnetwork / Interface stack on the Ethernet; processes hn[i] and hr[i] in h[i], processes sn and sr in s; labels: invite-accept protocol, request-reply protocol, "write arrays ipa, hda, valid"]
Adversary

Adversary can perform three types of actions to disrupt communication between server s and any computer h[i] on the Ethernet
  Message loss
  Message modification
  Message replay
Secure Address Resolution Protocol

Use three mechanisms to counter adversarial actions
  timeouts to counter message loss
  shared secrets to counter message modification
  nonces to counter message replay
Invite-Accept Protocol

Periodically, server s sends out an invt message to every computer on Ethernet
Every up computer is required to send back an acpt message including its IP address and hardware address
s updates its address database according to received acpt messages
Invite-Accept Protocol

s → h[0..n-1]: invt(nc, md)
  where md=MD(nc;scr[0])||MD(nc;scr[1])||…||MD(nc;scr[n-1])
h[i] → s: acpt(nc, ipa[i], hda[i], d)
  where d=MD(nc;ipa[i];hda[i];scr[i])
Request-Reply Protocol

When a computer needs to resolve a destination’s hardware address, it sends a rqst message to server s
If destination’s hardware address is still valid, s sends back a rply message with address information
If destination’s hardware address is not valid anymore, s sends back a rply message with no address information
Request-Reply Protocol

h[i] → s: rqst(nc, ipa[j], d)
  where d=MD(nc;ipa[j];scr[i])
If found,
s → h[i]: rply(nc, ipa[j], hda[j], d)
  where d=MD(nc;ipa[j];hda[j];scr[i])
If not found,
s → h[i]: rply(nc, ipa[j], 0, d)
  where d=MD(nc;ipa[j];0;scr[i])
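
Added example, not from the original slides: the request-reply exchange with both sides checking d and nc, so a modified rply and a replayed rply are rejected. SHA-256 standing in for MD, the length-prefixed field encoding, the 16-byte nonce and the names Server, Host, md and demo are assumptions; timeouts are not modelled.

```python
import hashlib, hmac, os

NO_ADDR = bytes(6)  # the "0" hardware address in rply(nc, ipa[j], 0, d)

def md(*fields: bytes) -> bytes:
    """MD(f1;f2;...): SHA-256 stands in for MD (assumption). Each field is
    length-prefixed so the ';' boundaries cannot be shifted."""
    h = hashlib.sha256()
    for f in fields:
        h.update(len(f).to_bytes(2, "big") + f)
    return h.digest()

class Server:  # s
    def __init__(self, scr, valid):
        self.scr, self.valid = scr, valid  # scr[i]: secret; valid: ipa -> hda

    def on_rqst(self, i, nc, ipa_j, d):
        if not hmac.compare_digest(d, md(nc, ipa_j, self.scr[i])):
            return None  # modified or forged rqst is dropped
        hda_j = self.valid.get(ipa_j, NO_ADDR)
        return nc, ipa_j, hda_j, md(nc, ipa_j, hda_j, self.scr[i])

class Host:  # h[i]
    def __init__(self, scr_i):
        self.scr, self.pending = scr_i, None

    def rqst(self, ipa_j):
        nc = os.urandom(16)  # fresh nonce for every request
        self.pending = (nc, ipa_j)
        return nc, ipa_j, md(nc, ipa_j, self.scr)

    def on_rply(self, nc, ipa_j, hda_j, d):
        if self.pending != (nc, ipa_j):
            return "reject: replayed or unsolicited"
        if not hmac.compare_digest(d, md(nc, ipa_j, hda_j, self.scr)):
            return "reject: modified"
        self.pending = None  # a nonce is accepted only once
        return "no valid address" if hda_j == NO_ADDR else hda_j

def demo():
    # Constructed sample values: one host h[0], one valid entry for j.
    scr = {0: os.urandom(32)}
    ipa_j, hda_j = b"\xc0\x00\x02\x14", bytes.fromhex("00005e005320")
    s, h = Server(scr, {ipa_j: hda_j}), Host(scr[0])
    good = s.on_rqst(0, *h.rqst(ipa_j))
    forged = good[:2] + (bytes.fromhex("00005e0053aa"),) + good[3:]
    return [h.on_rply(*forged), h.on_rply(*good), h.on_rply(*good)]

if __name__ == "__main__":
    print(demo())
```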
Extensions

Four extensions of secure address resolution protocol
  Insecure address resolution
  Backup server
  System diagnosis
  Address resolution across multiple Ethernets
Next Class

IPsec
  Authentication Header (AH)
  Encapsulating Security Payload (ESP)
  key management
Read Chapter 16