CSE331: Introduction to Networks and Security Lecture 22 Fall 2002.

Slides:



Advertisements
Similar presentations
Security attacks. - confidentiality: only authorized parties have read access to information - integrity: only authorized parties have write access to.
Advertisements

AUTHENTICATION AND KEY DISTRIBUTION
CMSC 414 Computer (and Network) Security Lecture 22 Jonathan Katz.
Overview Network security involves protecting a host (or a group of hosts) connected to a network Many of the same problems as with stand-alone computer.
COS 461 Fall 1997 Todays Lecture u intro to security in networking –confidentiality –integrity –authentication –authorization u orientation for assignment.
ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.
1 Security Handshake Pitfalls. 2 Authentication Handshakes Secure communication almost always includes an initial authentication handshake: –Authenticate.
SSL CS772 Fall Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.
1 Supplement III: Security Controls What security services should network systems provide? Confidentiality Access Control Integrity Non-repudiation Authentication.
Lect. 18: Cryptographic Protocols. 2 1.Cryptographic Protocols 2.Special Signatures 3.Secret Sharing and Threshold Cryptography 4.Zero-knowledge Proofs.
Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.
Lecture III : Communication Security, Services & Mechanisms Internet Security: Principles & Practices John K. Zao, PhD SMIEEE National Chiao-Tung University.
CS555Spring 2012/Topic 161 Cryptography CS 555 Topic 16: Key Management and The Need for Public Key Cryptography.
SMUCSE 5349/73491 Authentication Protocols. SMUCSE 5349/73492 The Premise How do we use perfect cryptographic mechanisms (signatures, public-key and symmetric.
Modelling and Analysing of Security Protocol: Lecture 3 Protocol Goals Tom Chothia CWI.
CSE331: Introduction to Networks and Security Lecture 21 Fall 2002.
CMSC 414 Computer and Network Security Lecture 2 Jonathan Katz.
EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 7 Wenbing Zhao Department of Electrical and Computer Engineering.
CMSC 414 Computer and Network Security Lecture 22 Jonathan Katz.
Modelling and Analysing of Security Protocol: Lecture 1 Introductions to Modelling Protocols Tom Chothia CWI.
CSE331: Introduction to Networks and Security Lecture 24 Fall 2002.
More on AuthenticationCS-4513 D-term More on Authentication CS-4513 Distributed Computing Systems (Slides include materials from Operating System.
EEC 688/788 Secure and Dependable Computing Lecture 7 Wenbing Zhao Department of Electrical and Computer Engineering Cleveland State University
CMSC 414 Computer and Network Security Lecture 23 Jonathan Katz.
Chapter 9 Cryptographic Protocol Cryptography-Principles and Practice Harbin Institute of Technology School of Computer Science and Technology Zhijun Li.
Topic 11: Key Distribution and Agreement 1 Information Security CS 526 Topic 11: Key Distribution & Agreement, Secure Communication.
Computer Science CSC 774Dr. Peng Ning1 CSC 774 Advanced Network Security Topic 2. Review of Cryptographic Techniques.
Alexander Potapov.  Authentication definition  Protocol architectures  Cryptographic properties  Freshness  Types of attack on protocols  Two-way.
Strong Password Protocols
31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
Part Two Network Security Applications Chapter 4 Key Distribution and User Authentication.
11 Secure Sockets Layer (SSL) Protocol (SSL) Protocol Saturday, University of Palestine Applied and Urban Engineering College Information Security.
SSL / TLS in ITDS Arun Vishwanathan 23 rd Dec 2003.
Chapter 2: Protocol Building Blocks
1 Chapter 9: Key Management All algorithms we have introduced are based on one assumption: keys have been distributed. But how to do that? Key generation,
Introduction1-1 Data Communications and Computer Networks Chapter 6 CS 3830 Lecture 31 Omar Meqdadi Department of Computer Science and Software Engineering.
Chapter 21 Distributed System Security Copyright © 2008.
Security protocols  Authentication protocols (this lecture)  Electronic voting protocols  Fair exchange protocols  Digital cash protocols.
Security protocols and their verification Mark Ryan University of Birmingham Midlands Graduate School University of Birmingham April 2005 Steve Kremer.
Chapter 1  Introduction 1 Chapter 1: Introduction.
Fall 2010/Lecture 321 CS 426 (Fall 2010) Key Distribution & Agreement.
Chapter 4 Using Encryption in Cryptographic Protocols & Practices.
1 Lecture 9: Cryptographic Authentication objectives and classification one-way –secret key –public key mutual –secret key –public key establishing session.
Lecture 16: Security CDK4: Chapter 7 CDK5: Chapter 11 TvS: Chapter 9.
31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
Digital Signatures, Message Digest and Authentication Week-9.
SARVAJANIK COLLEGE OF ENGINEERING & TECHNOLOGY. Secure Sockets Layer (SSL) Protocol Presented By Shivangi Modi Presented By Shivangi ModiCo-M(Shift-1)En.No
Lecture 5.2: Key Distribution: Private Key Setting CS 436/636/736 Spring 2012 Nitesh Saxena.
6 June Lecture 2 1 TU Dresden - Ws on Proof Theory and Computation Formal Methods for Security Protocols Catuscia Palamidessi Penn State University,
Topic 14: Secure Communication1 Information Security CS 526 Topic 14: Key Distribution & Agreement, Secure Communication.
1 Kerberos – Private Key System Ahmad Ibrahim. History Cerberus, the hound of Hades, (Kerberos in Greek) Developed at MIT in the mid 1980s Available as.
The School of Electrical Engineering and Computer Science (EECS) CS/ECE Network Security Dr. Attila Altay Yavuz Authentication Protocols (I): Secure Handshake.
Lecture 5.1: Message Authentication Codes, and Key Distribution
COMP 424 Computer Security Lecture 09 & 10. Protocol ● An orderly sequence of steps agreed upon by two or more parties in order to accomplish a task ●
Secure Sockets Layer (SSL) Protocol by Steven Giovenco.
Network Security and It’s Issues Presenter Prosanta Gope Advisor Prof. Tzonelih Hwang Quantum Information and Network Security Lab, NCKU,2015.
Protocol Analysis. CSCE Farkas 2 Cryptographic Protocols Two or more parties Communication over insecure network Cryptography used to achieve goal.
9.2 SECURE CHANNELS JEJI RAMCHAND VEDULLAPALLI. Content Introduction Authentication Message Integrity and Confidentiality Secure Group Communications.
1 SUBMITTED BY- PATEL KUMAR C.S.E(8 th - sem). SUBMITTED TO- Mr. DESHRAJ AHIRWAR.
Lesson Introduction ●Authentication protocols ●Key exchange protocols ●Kerberos Security Protocols.
Chapter eight: Authentication Protocols 2013 Term 2.
@Yuan Xue CS 285 Network Security Key Distribution and Management Yuan Xue Fall 2012.
Pertemuan #8 Key Management Kuliah Pengaman Jaringan.
Dr. Nermi hamza.  A user may gain access to a particular workstation and pretend to be another user operating from that workstation.  A user may eavesdrop.
CMSC 414 Computer and Network Security Lecture 2 Jonathan Katz.
Software Security Seminar - 1 Chapter 2. Protocol Building Blocks 발표자 : 최두호 Applied Cryptography.
Network Security and It’s Issues
Outline Designing secure protocols Key exchange protocols
Cryptographic Protocols
AIT 682: Network and Systems Security
Presentation transcript:

CSE331: Introduction to Networks and Security Lecture 22 Fall 2002

CSE331 Fall Announcements Project 3 is available on the web –Get started early! –It’s due 18 Nov. Class is cancelled next Wednesday (Nov. 6 th ) TA will cover projects 3&4 in class Friday, Nov. 8 Professor Gunter will be giving lectures on Nov. 11 th and 13 th

CSE331 Fall Project 3 Distributed Bank Simulation –Java Network Programming –Cryptix Libraries for cryptographic protocols Requirements –Authentication Protocol –Transaction Protocol –Audit Logs Lab support on its way… Bank Server ATM Client ATM Client

CSE331 Fall Recap Cryptographic Hashes Digital Signatures Today: –Protocols –Authentication

CSE331 Fall Protocols: Where We’re Going Overview Entity Authentication Key Establishment SSL Kerberos

CSE331 Fall General Definition of “Protocol” A protocol is a multi-party algorithm –A sequence of steps that precisely specify the actions required of the parties in order to achieve a specified objective. Important that there are multiple participants Typically a situation of heterogeneous trust –Alice may not trust Bart –Bart may not trust the network

CSE331 Fall Characteristics of Protocols Every participant must know the protocol and the steps in advance. Every participant must agree to follow the protocol Big problem: How to deal with bad participants? –3 basic kinds of protocols

CSE331 Fall Arbitrated Protocols Tom is an arbiter –Disinterested in the outcome (doesn’t play favorites) –Trusted by the participants –Trusted 3 rd party Alice Bart Tom

CSE331 Fall Arbitrated Protocols (Continued) Real-world examples: –Lawyers, Bankers, Notary Public Issues: –Finding a trusted 3 rd party –Additional resources needed for the arbitrator –Delay (introduced by arbitration) –Arbitrator might become a bottleneck –Single point of vulnerability: attack the arbitrator!

CSE331 Fall Adjudicated Protocols Alice and Bard record an audit log Only in exceptional circumstances to they contact a trusted 3 rd party. (3 rd party is not always needed.) Tom as the adjudicator can inspect the evidence and determine whether the protocol was carried out fairly Alice Bart Tom Evidence Bart acted fairly.

CSE331 Fall Self-Enforcing Protocols No trusted 3 rd party involved. Participants can determine whether other parties cheat. Protocol is constructed so that there are no possible disputes of the outcome. Alice Bart You’re cheating, Alice!

CSE331 Fall Examples We’ve Seen Arbitrated Protocol –Shared key digital signature algorithm –Trusted 3rd party provided authenticity Adjudicated Protocol –Public key digital signature algorithm –Trusted 3 rd party provided non-repudiation

CSE331 Fall Example: Shared-Key Authentication Assume Alice & Bart already share a key K AB. –The key might have been decided upon in person or obtained from a trusted 3 rd party. Alice & Bart now want to communicate over a network, but first wish to authenticate to each other Alice Bart K AB

CSE331 Fall Solution 1: Weak Authentication Alice sends Bart K AB. –K AB acts as a password. The secret (key) is revealed to passive observers. Only works one-way. –Alice doesn’t know she’s talking to Bart. Alice Bart K AB

CSE331 Fall Solution 2: Strong Authentication Protocol doesn’t reveal the secret. Challenge/Response –Bart requests proof that Alice knows the secret –Alice requires proof from Bart –R A and R B are randomly generated numbers Alice Bart K AB I’m Alice Challenge: Encrypt R B Response: K AB {R B } Challenge: Encrypt R A Response: K AB {R A }

CSE331 Fall (Flawed) Optimized Version Why not send more information in each message? This seems like a simple optimization. But, it’s broken… how? Alice Bart K AB Alice, R A R B, K AB {R A } K AB {R B }

CSE331 Fall Attack: Marvin can Masquerade as Alice Marvin pretends to take the role of Alice in two runs of the protocol. –Tricks Bart into doing Alice’s part of the challenge! –Interleaves two instances of the same protocol. Bart K AB Alice, R A R B, K AB {R A } K AB {R B } Alice, R B R’ B, K AB {R B }

CSE331 Fall Lessons Protocol design is tricky and subtle –“Optimizations” aren’t necessarily good Need to worry about: –Multiple instances of the same protocol running in parallel –Intruders that play by the rules, mostly General principle: –Don’t do anything more than necessary until confidence is built. –Initiator should prove identity before responder takes action (like encryption)

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.