Chapter 8, slide: 1 ECE/CS 372 – introduction to computer networks Lecture 18 Announcements: r Final exam will take place August 13 th,2012 r HW4 and Lab5.

Slides:



Advertisements
Similar presentations
Network Security7-1 Chapter 7 Network Security Computer Networking: A Top Down Approach Featuring the Internet, 2 nd edition. Jim Kurose, Keith Ross Addison-Wesley,
Advertisements

Cryptography. 8: Network Security8-2 The language of cryptography symmetric key crypto: sender, receiver keys identical public-key crypto: encryption.
Public Key Cryptography & Message Authentication By Tahaei Fall 2012.
Network Security Hwajung Lee. What is Computer Networks? A collection of autonomous computers interconnected by a single technology –Interconnected via:
1 Counter-measures Threat Monitoring Cryptography as a security tool Encryption Digital Signature Key distribution.
8: Network Security Security. 8: Network Security8-2 Chapter 8 Network Security A note on the use of these ppt slides: We’re making these slides.
Chapter 8 Network Security Computer Networking: A Top Down Approach, 5 th edition. Jim Kurose, Keith Ross Addison-Wesley, April 2009.
8-1 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents m sender encrypts message m receiver.
1 ITC242 – Introduction to Data Communications Week 11 Topic 17 Chapter 18 Network Security.
CSE401n:Computer Networks
Network Security understand principles of network security:
Public Key Cryptography
8: Network Security8-1 Chapter 8 Network Security A note on the use of these ppt slides: We’re making these slides freely available to all (faculty, students,
8: Network Security8-1 Symmetric key cryptography symmetric key crypto: Bob and Alice share know same (symmetric) key: K r e.g., key is knowing substitution.
Lecture 24 Cryptography CPE 401 / 601 Computer Network Systems slides are modified from Jim Kurose and Keith Ross and Dave Hollinger.
8-1 Chapter 8 Security Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 A note on the use of these.
Lecture 23 Cryptography CPE 401 / 601 Computer Network Systems Slides are modified from Jim Kurose & Keith Ross.
Lecture 15 Lecture’s outline Public algorithms (usually) that are each other’s inverse.
Behzad Akbari Spring In the Name of the Most High.
1-1 1DT066 Distributed Information System Chapter 8 Network Security.
Lecture 17 Network Security CPE 401/601 Computer Network Systems slides are modified from Jim Kurose & Keith Ross All material copyright J.F.
8-1Network Security Chapter 8 roadmap 8.1 What is network security? 8.2 Principles of cryptography 8.3 Message integrity, authentication.
 This Class  Chapter 8. 2 What is network security?  Confidentiality  only sender, intended receiver should “understand” message contents.
22-1 Last time □ SMTP ( ) □ DNS This time □ P2P □ Security.
Network Security7-1 Chapter 8: Network Security Chapter goals: r understand principles of network security: m cryptography and its many uses beyond “confidentiality”
Computer and Internet Security. Introduction Both individuals and companies are vulnerable to data theft and hacker attacks that can compromise data,
Introduction1-1 Data Communications and Computer Networks Chapter 6 CS 3830 Lecture 31 Omar Meqdadi Department of Computer Science and Software Engineering.
Day 37 8: Network Security8-1. 8: Network Security8-2 Symmetric key cryptography symmetric key crypto: Bob and Alice share know same (symmetric) key:
Cryptography Wei Wu. Internet Threat Model Client Network Not trusted!!
8-1 Chapter 8 Security Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012.
23-1 Last time □ P2P □ Security ♦ Intro ♦ Principles of cryptography.
ICT 6621 : Advanced NetworkingKhaled Mahbub, IICT, BUET, 2008 Lecture 11 Network Security (1)
Network Security7-1 CIS3360: Chapter 8: Cryptography Application of Public Cryptography Cliff Zou Spring 2012 TexPoint fonts used in EMF. Read the TexPoint.
Chapter 8 Network Security Thanks and enjoy! JFK/KWR All material copyright J.F Kurose and K.W. Ross, All Rights Reserved Computer Networking:
8: Network Security 8-1 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents m sender encrypts.
1-1 1DT066 Distributed Information System Chapter 8 Network Security.
1 Security and Cryptography: basic aspects Ortal Arazi College of Engineering Dept. of Electrical & Computer Engineering The University of Tennessee.
Upper OSI Layers Natawut Nupairoj, Ph.D. Department of Computer Engineering Chulalongkorn University.
8-1 Chapter 8 Security Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 part 2: Message integrity.
Introduction1-1 Data Communications and Computer Networks Chapter 6 CS 3830 Lecture 28 Omar Meqdadi Department of Computer Science and Software Engineering.
1 Network Security Basics. 2 Network Security Foundations: r what is security? r cryptography r authentication r message integrity r key distribution.
Network Security7-1 CAP6135: Malware and Software Vulnerability Analysis Basic Knowledge on Computer Network Security Cliff Zou Spring 2011.
Network Security7-1 Today r Reminders m Ch6 Homework due Wed Nov 12 m 2 nd exams have been corrected; contact me to see them r Start Chapter 7 (Security)
+ Security. + What is network security? confidentiality: only sender, intended receiver should “understand” message contents sender encrypts message receiver.
Computer and Network Security - Message Digests, Kerberos, PKI –
Network Security7-1 Chapter 8: Network Security Chapter goals: r Understand principles of network security: m cryptography and its many uses beyond “confidentiality”
1 Cryptography Troy Latchman Byungchil Kim. 2 Fundamentals We know that the medium we use to transmit data is insecure, e.g. can be sniffed. We know that.
 Last Class  Chapter 7 on Data Presentation Formatting and Compression  This Class  Chapter 8.1. and 8.2.
Lecture 22 Network Security (cont) CPE 401 / 601 Computer Network Systems slides are modified from Dave Hollinger slides are modified from Jim Kurose,
Cryptography services Lecturer: Dr. Peter Soreanu Students: Raed Awad Ahmad Abdalhalim
8: Network Security8-1 Chapter 8 Network Security A note on the use of these ppt slides: We’re making these slides freely available to all (faculty, students,
8-1 Chapter 8 Security Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 A note on the use of these.
Network security Cryptographic Principles
Chapter 8: Network Security
Public-Key Cryptography and Message Authentication
What is network security?
Chapter 7 Network Security
ECE/CS 372 – introduction to computer networks Lecture 16
Basic Network Encryption
Chapter 8: Network Security
Network Security Basics
1DT057 Distributed Information System Chapter 8 Network Security
Intro to Cryptography Some slides have been taken from:
Encryption INST 346, Section 0201 April 3, 2018.
Basic Network Encryption
Security: Integrity, Authentication, Non-repudiation
Chapter 8: Network Security
Chapter 8 roadmap 8.1 What is network security?
Chapter 8: Network Security
Presentation transcript:

Chapter 8, slide: 1 ECE/CS 372 – introduction to computer networks Lecture 18 Announcements: r Final exam will take place August 13 th,2012 r HW4 and Lab5 are posted and are due Wednesday Acknowledgement: slides drawn heavily from Kurose & Ross

Chapter 8, slide: 2 Chapter 8: Network Security Goals: r understand principles of network security:  cryptography and its many uses beyond “confidentiality”  authentication  message integrity r Example: securing

Chapter 8, slide: 3 Q: what should Bob & Alice be concerned about? r eavesdrop: messages are intercepted r change: messages are modified r impersonation: entire communication is hijacked by replacing sender or receiver by himself r denial of service: prevent services (e.g., by overloading resources) Bob, Alice want to communicate “securely” sender receiver Messages data Alice Bob Trudy confidentiality integrity authentication availability r Trudy is an enemy (intruder): “bad” guy

Chapter 8, slide: 4 Who might Bob, Alice be? … well, real-life Bobs and Alices! r Web browser/server for electronic transactions (e.g., on-line purchases) r on-line banking client/server r DNS servers r routers exchanging routing table updates

Chapter 8, slide: 5 What is network security? Goals of network security: Confidentiality: only sender, intended receiver should “understand” message contents  sender encrypts message  receiver decrypts message Authentication: sender, receiver want to confirm identity of each other Integrity: sender, receiver want to ensure message not altered (in transit, or afterwards) without detection Availability: services must be accessible and available to users

Chapter 8, slide: 6 Chapter 8 roadmap r Principles of cryptography r Message integrity r Securing

Chapter 8, slide: 7 Cryptography r Cryptography allows a sender to disguise a message so that an intruder can’t gain information from it “ confidentiality ” plaintext ciphertext K A encryption algorithm decryption algorithm Alice’s encryption key Bob’s decryption key K B All terms marked in red are crypto terminology

Chapter 8, slide: 8 Types of cryptography symmetric key - both sender and receiver use identical key e.g., sender A encrypts with the key receiver B decrypts with same key public/private keys - two keys (public and private) are to be used e.g., sender A encrypts with B’s public key receiver B decrypts with its Private key

Chapter 8, slide: 9 Symmetric key cryptography symmetric key crypto: Bob and Alice share/know same (symmetric) key: K r Q: how do Bob and Alice agree on key value? plaintext ciphertext K A-B encryption algorithm decryption algorithm A-B K plaintext message, m K (m) A-B K (m) A-B m = K ( ) A-B

Chapter 8, slide: 10 Symmetric key cryptography monoalphabetic cipher: substituting one letter for another plaintext: abcdefghijklmnopqrstuvwxyz ciphertext: mnbvcxzasdfghjklpoiuytrewq Plaintext: bob. i love you. alice ciphertext: nkn. s gktc wky. mgsbc E.g.: Q: How hard to break this simple cipher?: A: brute force (how hard?) how many possibilities? 26! Q: what is the encryption & decryption key?: A: the mapping

Chapter 8, slide: 11 Symmetric key cryptography polyalphabetic cipher: multiple monoalphabetic ciphers Eg.: C1, C2, C2, C3 (with 3 monoalphabetic cipher keys) First letter, apply C1 Second letter, apply C2 Third letter, apply C2 Fourth letter, apply C3 Then, repeat r Harder to break! By avoiding patterns, same letter may appear in different positions r Key is “C1, C2, C2, C3”

Chapter 8, slide: 12 Symmetric key cryptography block cipher: msg is encrypted in blocks of k bits (independently) r Each k-bit block is encrypted/mapped r Possible mappings: 2 k ! r Hard to break Problem r Hard to implement, with k=64, sender and receiver need to store a mapping table of 2 64 entries !! Huge!! Solution r Use of functions: break blocks into smaller chunks

Chapter 8, slide: 13 Block Cipher r one pass through: one input bit affects eight output bits 64-bit input T1T1 8bits 64-bit scrambler 64-bit output loop for n rounds T2T2 T3T3 T4T4 T6T6 T5T5 T7T7 T8T8 r multiple passes: each input bit affects all output bits

Chapter 8, slide: 14 Cipher Block Chaining Problem w/ Cipher Block r if input block is repeated, it produces same cipher text: t=1 m(1) = “HTTP/1.1” block cipher c(1) = “k329aM02” … r cipher block chaining: XOR ith input block, m(i), with previous block of cipher text, c(i-1)  c(0) transmitted to receiver in clear  what happens in “HTTP/1.1” scenario from above? t=17 m(17) = “HTTP/1.1” block cipher c(17) = “k329aM02” + m(i) c(i) block cipher c(i-1)

Chapter 8, slide: 15 ECE/CS 372 – introduction to computer networks Lecture 19 Announcements: r Final exam will take place August 13 th,2012 r HW4 and Lab5 are posted and are due Wednesday Acknowledgement: slides drawn heavily from Kurose & Ross

Chapter 8, slide: 16 Public key cryptography symmetric key crypto r requires sender, receiver know shared secret key r Q: how to agree on key in first place (particularly if never “met”)? public key cryptography r radically different approach r Two keys  Public key: encryp. key known to all  Private key: decryp. key known only to receiver r Sender uses public key only to encryp r Reciever uses both keys to decryp.

Chapter 8, slide: 17 Public key cryptography plaintext message, m ciphertext encryption algorithm decryption algorithm Bob’s public key plaintext message K (m) B + K B + Bob’s private key K B - m = K ( K (m) ) B + B - r Note: only Bob is able to understand (decrypt) message m. Because only Bob has Bob’s private key r This assures “confidentiality”

Chapter 8, slide: 18 Public key encryption algorithms need K ( ) and K ( ) such that B B.. given public key K, it should be impossible to compute private key K B B Requirements: 1 2 RSA: Rivest, Shamir, Adleman algorithm + - K (K (m)) = m B B

Chapter 8, slide: 19 RSA: Choosing keys 1. Choose two large prime numbers p, q. (e.g., 1024 bits each) 2. Compute n = pq, z = (p-1)(q-1) 3. Choose e (with e<n) that has no common factors with z. (e, z are “relatively prime”). 4. Choose d such that ed-1 is exactly divisible by z. (in other words: ed mod z = 1 ). 5. Public key is (n,e). Private key is (n,d). K B + K B -

Chapter 8, slide: 20 RSA: Encryption, decryption 0. Given (n,e) and (n,d) as computed above 1. To encrypt bit pattern, m, compute c = m mod n e (i.e., remainder when m is divided by n) e 2. To decrypt received bit pattern, c, compute m = c mod n d (i.e., remainder when c is divided by n) d m = (m mod n) e mod n d Magic happens! c

Chapter 8, slide: 21 RSA example: Bob chooses p=5, q=7. Then n=35, z=24. e=5 (so e, z relatively prime). d=29 (so ed-1 exactly divisible by z). letter m m e c = m mod n e l c m = c mod n d c d letter l encrypt: decrypt:

Chapter 8, slide: 22 Another RSA example: Bob chooses p=5, q=11. Question: Find (n,e) and (n,d) Step 1: Compute n = pq, z = (p-1)(q-1) Step 2: Choose e (with e<n) that has no common factors with z. (e, z are “relatively prime”). Step 3: Choose d such that ed-1 is exactly divisible by z. (in other words: ed mod z = 1 ). Step 4: Public key is (n,e). Private key is (n,d). K B + K B -

Chapter 8, slide: 23 RSA: another important property The following property will be very useful later: K ( K (m) ) = m B B - + K ( K (m) ) B B + - = use public key first, followed by private key use private key first, followed by public key Result is the same!

Chapter 8, slide: 24 Chapter 8 roadmap r Principles of cryptography r Message integrity r Securing

Chapter 8, slide: 25 Message Integrity/Authentication Bob receives msg from Alice, wants to ensure:  Authentication: message originally came from Alice  Integrity: message not changed since sent by Alice Cryptographic Hashing: r What:  take input m, produce fixed length value, H(m)  e.g., as in Internet checksum r Properties of H:  given m = H(x), (x unknown), it is computationally infeasible to determine x.  difficult to find x  y such that H(x) = H(y)  note: Internet checksum fails this requirement! r Examples  widely used hash functions: MD5, SHA

Chapter 8, slide: 26 Internet checksum: poor crypto hash function r Internet checksum has some properties of hash function: ü produces fixed length digest (16-bit sum) of message ü is many-to-one r But given message with given hash value, it is easy to find another message with same hash value: I O U B O B 49 4F E F 42 message ASCII format B2 C1 D2 AC I O U B O B 49 4F E F 42 message ASCII format B2 C1 D2 AC different messages but identical checksums!

Chapter 8, slide: 27 MAC: Message Authentication Code m s (shared secret) (message) H(. ) H(m+s) public Internet append m H(m+s) s compare m H(m+s) H(. ) H(m+s) (shared secret) r Does MAC solve  Integrity ?? How ??  Authentication ?? How ?? r Any problem ??  Secret key distribution ?? r So we can’t really authenticate via MAC alone via Hashing via secret key

Chapter 8, slide: 28 Digital Signatures via Public Key Crypto simple digital signature for message m: r Bob “signs” m by encrypting with his private key K B, creating “signed” message, K B (m) - - Dear Alice Oh, how I have missed you. I think of you all the time! …(blah blah blah) Bob Bob’s message, m public key encryption algorithm Bob’s private key K B - Bob’s message, m, signed (encrypted) with his private key K B - (m)

Chapter 8, slide: 29 Digital Signatures via Public Key Crypto (more) r suppose Alice receives msg m, digital signature K B (m) r Alice verifies m signed by Bob by applying Bob’s public key K B to K B (m) then checks K B (K B (m) ) = m. r if K B (K B (m) ) = m, whoever signed m must have used Bob’s private key Alice thus verifies that: ü Bob signed m. ü No one else signed m. ü Bob signed m and not m’. -

Chapter 8, slide: 30 MAC via private/public keys m Alice’s private key (message) m public Internet append m compare m K A - K (m) A - A - A - Alice’s public key K A + K (m) A - m m r Note: only Alice would have had her private key r This assures “authentication”

Chapter 8, slide: 31 Digital Signatures via Public Key Crypto (more) Problem r Signing data by encryption and decryption is computationally expensive r Imagine encrypting (signing) huge files of data !!! - Solution r Sign hashed output of original msg (sign H(m) only) r Recall hash algorithms turn large msgs into small, fixed length msg r … signed MAC is the solution

Chapter 8, slide: 32 large message m H: hash function H(m) digital signature (encrypt) Bob’s private key K B - + Bob sends digitally signed message: Alice verifies signature and integrity of digitally signed message: K B (H(m)) - encrypted msg digest K B (H(m)) - encrypted msg digest large message m H: hash function H(m) digital signature (decrypt) H(m) Bob’s public key K B + equal ? Digital signature = signed MAC = authentication + integrity

Chapter 8, slide: 33 Public Key Certification Problem with public key: r When Alice obtains Bob’s public key (from web site, , diskette), how does she know it is Bob’s public key, not Trudy’s? solution: r trusted certification authority (CA)

Chapter 8, slide: 34 Certification Authorities r Certification Authority (CA): binds public key to particular entity, E. r E registers its public key with CA.  E provides “proof of identity” to CA.  CA creates certificate binding E to its public key.  certificate containing E’s public key digitally signed by CA: CA says “This is E’s public key.” Bob’s public key K B + Bob’s identifying information digital signature (encrypt) CA private key K CA - K B + certificate for Bob’s public key, signed by CA - K CA (K ) B +

Chapter 8, slide: 35 Certification Authorities r when Alice wants Bob’s public key:  gets Bob’s certificate  apply CA’s public key to Bob’s certificate, get Bob’s public key Bob’s public key K B + digital signature (decrypt) CA public key K CA + K B + - K (K ) B +

Chapter 8, slide: 36 Get Bob’s public key from CA CA’s private key (Bob’s public key) public Internet append compare K CA - CA’s public key K CA + K B + r Alice just got Bob’s public key (authenticated key) r Of course, here we assume that you have CA’s public key !!! Need to get it physically !!! K B + K B + - K CA (K ) B + K B + - K CA (K ) B + K CA (K ) B + - K B + K B +

Chapter 8, slide: 37 Chapter 8: Recap So far: r Cryptography & confidentiality  Symmetric key  Public key: A wants to send msg m to B. What does A send? A sends K B + (m); hence, ONLY B understands m by applying K B - (K B + (m)) => confidentiality r Authentication & integrity  MAC (Msg Authen. Code): requires symmetric key  Signed MAC: A -> B A sends (m,K A - (m)) to B, Hence, All get m by applying K A + (K A - (m)); Comparison => authen. + integrity, but NOT confidentiality Note: Sender applies receiver’s public key Note: Sender applies its private key

Chapter 8, slide: 38 Chapter 8 roadmap r Principles of cryptography r Message integrity r Securing

Chapter 8, slide: 39 Secure (confidentiality) Alice:  generates random symmetric private key, K S.  encrypts message with K S (for efficiency)  also encrypts K S with Bob’s public key.  sends both K S (m) and K B (K S ) to Bob.  Alice wants to send confidential , m, to Bob. K S ( ). K B ( ) K S (m ) K B (K S ) + m KSKS KSKS KBKB + Internet K S ( ). K B ( ). - KBKB - KSKS m K S (m ) K B (K S ) + A B Bob:  uses his private key to decrypt and recover K S  uses K S to decrypt K S (m) to recover m Note that to provide confidentiality, sender encrypts with receiver’s public key (ONLY receiver should see msg)

Chapter 8, slide: 40 Secure (authen. + integrity) Alice wants to provide sender authentication/integrity. Alice digitally signs message. sends both message (in the clear) and digital signature. H( ). K A ( ) H(m ) K A (H(m)) - m KAKA - Internet m K A ( ). + KAKA + K A (H(m)) - m H( ). H(m ) compare A B Again note that to provide authenticate/integrity, sender encrypts with its private (all can understand msg)

Chapter 8, slide: 41 Secure (all: confid. + auth. + integrity) Alice wants to provide secrecy, sender authentication, message integrity. Alice uses three keys: her private key, Bob’s public key, newly created symmetric key H( ). K A ( ). - + K A (H(m)) - m KAKA - m K S ( ). K B ( ). + + K B (K S ) + KSKS KBKB + Internet KSKS A

Chapter 8, slide: 42 The end of class! Acknowledgement: slides drawn heavily from Kurose & Ross