Transcript ppt

Firewalls
1
What is a firewall?
•
•
Device that provides secure connectivity between networks
(internal/external; varying levels of trust)
Used to implement and enforce a security policy for
communication between networks
Trusted Networks
Untrusted Networks
& Servers
Firewall
Untrusted Users
Internet
Router
Intranet
DMZ
Public Accessible
Servers & Networks
Trusted Users
2
Firewalls
•
•
•
From Webster’s Dictionary: a wall
constructed to prevent the spread of fire
Internet firewalls are more the moat around a
castle than a building firewall
Controlled access point
3
Firewalls can:
• Restrict incoming and outgoing traffic by IP
address, ports, or users
• Block invalid packets
4
Firewalls Cannot Protect…
• Traffic that does not cross it
– routing around
– Internal traffic
• When misconfigured
5
Access Control
ALERT!!
Internet
Security Requirement
• Control access to network information and resources
• Protect the network from attacks
6
Filtering
• Packets checked then passed – typically route packets
• Inbound & outbound affect when policy is checked
• Packet filtering
– Access Control Lists
• Session filtering
– Dynamic Packet Filtering
– Stateful Inspection
– Context Based Access Control
• Fragmentation/reassembly
• Sequence number checking
• ICMP
7
Packet Filtering
• Decisions made on a per-packet basis
• No state information saved
8
Packet Filter
Applications
Applications
Presentations
Presentations
Sessions
Sessions
Transport
Transport
Network
Network
DataLink
DataLink
DataLink
Physical
Physical
Physical
Router
Session Filtering
• Packet decision made in the context of a
connection
• If packet is a new connection, check against
security policy
• If packet is part of an existing connection,
match it up in the state table & update table
10
Session Filtering

Screens ALL attempts, Protects All applications

Extracts & maintains ‘state’ information

Makes an intelligent security / traffic decision
Applications
Applications
Presentations
Applications
Presentations
Sessions
Presentations
Sessions
Transport
Sessions
Transport
Network
Transport
Network
Network
DataLink
DataLink
DataLink
Physical
Physical
Physical
Dynamic
Dynamic
Dynamic
State
Tables
State
StateTables
Tables
11
Proxy Firewalls
• Relay for connections
• Client <-> Proxy <->Server
• Two flavors
– Application Level
– Circuit Level
12
Application Gateway
• Understand specific applications
– Limited proxies available
– Proxy “impersonate” both sides of the connection
• Resource intensive
– Process per connection
•
•
•
•
HTTP proxies may cache we pages
More appropriate for TCP
Block all unless specifically allowed
Must write a new proxy application to support new
applications
– Non Trivial
13
Application Layer GW/proxy
Telnet
FTP
HTTP
Applications
Applications
Applications
Presentations
Presentations
Presentations
Sessions
Sessions
Sessions
Transport
Transport
Transport
Network
Network
Network
DataLink
DataLink
DataLink
Physical
Physical
Physical
Application Gateway
Encryption (VPNs)
• Allows trusted users to access sensitive
information while traversing untrusted
networks
• Useful for remote users/sites
• IPSec
• Encrypted Tunnels
15
PGP
16
Pretty Good Privacy (PGP)
•
•
•
•
•
widely used de facto secure email
developed by Phil Zimmermann
selected best available crypto algs to use
integrated into a single program
available on Unix, PC, Macintosh and Amiga
systems
• originally free, now have commercial versions
available also
17
PGP
• Five services
– Authentication, confidentiality, compression,
email compatibility, segmentation
• Functions
–
–
–
–
–
Digital signature
Message encryption
Compression
Email compatibility
segmentation
18
PGP Operation – Integrity and Authentication
1. Sender creates a message
2. SHA-1 used to generate 160-bit hash code of
message
3. hash code is encrypted with RSA using the sender's
private key, and result is attached to message
4. receiver uses RSA or DSS with sender's public key
to decrypt and recover hash code
5. receiver generates new hash code for message and
compares with decrypted hash code, if match,
message is accepted as authentic
19
Pretty Good Privacy (PGP) - Message
Integrity and Authentication
Sender identity and message
integrity confirmed
if checksums match
Calculate MD5 checksum
over message contents
Calculate MD5 checksum on
received message and compare
against received value
Sign checksum using RSA
w ith senderÕs private key
Decrypt signed checksum
w ith senderÕs public key
Transmitted message
20
PGP Operation – Confidentiality
1. sender generates message and random 128-bit
number to be used as session key for this message
only
2. message is encrypted, using CAST-128 /
IDEA/3DES with session key
3. session key is encrypted using RSA with recipient's
public key, then attached to message
4. receiver uses RSA with its private key to decrypt and
recover session key
5. session key is used to decrypt message
21
PGP Message Encryption
Create a random secret key
Original message
k
Encrypt message using
DES with secret key
Encrypt
Decrypt message using
k
DES with secret key
k using RSA with
Decrypt
recipient s‘ public key
Encode message +
E( k ) using RSA with
my private key
E (k )
k
k
Convert ASCII message
in ASCII for transmission
Transmitted message
22
PGP Operation – Compression
• by default PGP compresses message after
signing but before encrypting
– so can store uncompressed message & signature
for later verification
– & because compression is non deterministic
• uses ZIP compression algorithm
23
Segmentation & Reassembly
• Email systems impose maximum length
– 50 Kb, for example
• PGP provides automatic segmentation
– Done after all other operations
– Thus only one session key needed
24
PGP
• Alice wants to provide secrecy, sender authentication,
message integrity.
-
KA
m
.
H( )
-
.
KA( )
-
KA(H(m))
+
KS
.
KS( )
+
m
KS
+
.
K B( )
+
Internet
+
KB(KS )
KB
Alice uses three keys: her private key, Bob’s public key,
newly created symmetric key
25
Folklore
26
Perfect Forward Security
• A protocol property that prevents someone
who records an encrypted conversation from
being able to later decrypt the conversation
• Keep the conversation secret from
– Someone (an escrow agent, attacker..) who knows
the long-term key
• Two ways
– A Diffie-Hellman exchange, then forget DH
information
– Ephemeral public/private key pair
27
Change Keys Periodically
• The more examples of ciphertexts you can see,
the more likely you can break the encryption
and find the key
• Change keys (key rollover)
28
Continue..
• Use different keys in the two directions
• Use different secret keys for encryption vs.
integrity protection
• Use different keys for different purposes
29
Continue..
•
•
•
•
•
•
•
•
Have both sides contribute to the master key
HMAC rather than Simple MD
Key expansion
Randomly Chosen IVs
Use nonce in protocols
Compress data before encrypting it
Do not do encryption only
Minimal vs. redundant designs
30
Continue…
• Put Checksums at the end of data
• Forward Compatibility
• Negotiating Parameters
– Different Algorithms
31