Cryptographic Aspects of the Grid Security Cryptographic Aspects of the Grid Security Architecture Olivier Chevassut (LBNL)

Slides:



Advertisements
Similar presentations
TCC 2006 Research on Password-Authenticated Group Key Exchange Jeong Ok Kwon, Ik Rae Jeong, and Dong Hoon Lee (CIST, Korea Univ.) Kouchi Sakurai (Kyushu.
Advertisements

Cryptography and Network Security
SSL CS772 Fall Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.
Unifying the conceptual levels of network security through use of patterns Ph.D Dissertation Proposal Candidate: Ajoy Kumar, Advisor: Dr Eduardo B. Fernandez.
Socket Layer Security. In this Presentation: need for web security SSL/TLS transport layer security protocols HTTPS secure shell (SSH)
7-1 Chapter 7 – Web Security Use your mentality Wake up to reality —From the song, "I've Got You under My Skin“ by Cole Porter.
Module 5: TLS and SSL 1. Overview Transport Layer Security Overview Secure Socket Layer Overview SSL Termination SSL in the Hosted Environment Load Balanced.
Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.
SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.
1 Supplement III: Security Controls What security services should network systems provide? Confidentiality Access Control Integrity Non-repudiation Authentication.
Lect. 18: Cryptographic Protocols. 2 1.Cryptographic Protocols 2.Special Signatures 3.Secret Sharing and Threshold Cryptography 4.Zero-knowledge Proofs.
1 Computer Security Instructor: Dr. Bo Sun. 2 Course Objectives Understand basic issues, concepts, principles, and mechanisms in computer network security.
SOA and Web Services. SOA Architecture Explaination Transport protocols - communicate between a service and a requester. Messaging layer - enables the.
Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.
1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.
Latest techniques and Applications in Interprocess Communication and Coordination Xiaoou Zhang.
Security Overview Hofstra University University College for Continuing Education - Advanced Java Programming Lecturer: Engin Yalt May 24, 2006.
Core Web Service Security Patterns
Cryptography and Network Security Chapter 17
CSCE 790: Computer Network Security Chin-Tser Huang University of South Carolina.
CMSC 414 Computer and Network Security Lecture 17 Jonathan Katz.
Chapter 8 Web Security.
Secure Systems Research Group - FAU Web Services Standards Presented by Keiko Hashizume.
Alexander Potapov.  Authentication definition  Protocol architectures  Cryptographic properties  Freshness  Types of attack on protocols  Two-way.
SSH Secure Login Connections over the Internet
Announcement Final exam: Wed, June 9, 9:30-11:18 Scope: materials after RSA (but you need to know RSA) Open books, open notes. Calculators allowed. 1.
CMSC 414 Computer and Network Security Lecture 6 Jonathan Katz.
Behzad Akbari Spring 2012 (These slides are based on lecture slides by Lawrie Brown)
E-Commerce Security Professor: Morteza Anvari Student: Xiaoli Li Student ID: March 10, 2001.
© Oxford University Press 2011 DISTRIBUTED COMPUTING Sunita Mahajan Sunita Mahajan, Principal, Institute of Computer Science, MET League of Colleges, Mumbai.
Network Security Essentials Chapter 5
Cryptography and Network Security (CS435) Part Fourteen (Web Security)
Certificate-Based Operations. Module Objectives By the end of this module participants will be able to: Define how cryptography is used to secure information.
Web Security : Secure Socket Layer Secure Electronic Transaction.
Cryptography and Network Security (SSL)
Chapter 21 Distributed System Security Copyright © 2008.
PRESENTED BY P. PRAVEEN Roll No: 1009 – 11 – NETWORK SECURITY M.C.A III Year II Sem.
ACM 511 Introduction to Computer Networks. Computer Networks.
CIST/ETRI/ISIT/KDDI/Kyusyu Univ./NICT Joint Research Workshop on Ubiquitous Network Security 2005 Verifier-Based Password-Authenticated Key Exchange Jeong.
© UCL Crypto group Nov-15 Two Formal Views of Authenticated Group Diffie-Hellman Key Exchange E. Bresson (ENS), O. Chevassut (LBL, UCL), O. Pereira (UCL)
Public Key Encryption.
CS 4244: Internet Programming Security 1.0. Introduction Client identification and cookies Basic Authentication Digest Authentication Secure HTTP.
Topic 1 – Introduction Huiqun Yu Information Security Principles & Applications.
CS453: Introduction to Information Security for E-Commerce Prof. Tom Horton.
Traditional Security Issues Confidentiality –Prevent unauthorized access or reading of information Integrity –Insure that writing or operations are allowed.
S imple O bject A ccess P rotocol Karthikeyan Chandrasekaran & Nandakumar Padmanabhan.
Potential vulnerabilities of IPsec-based VPN
Web Security Web now widely used by business, government, individuals but Internet & Web are vulnerable have a variety of threats – integrity – confidentiality.
1 Number Theory and Advanced Cryptography 9. Authentication Protocols Chih-Hung Wang Sept Part I: Introduction to Number Theory Part II: Advanced.
Network and Internet Security Prepared by Dr. Lamiaa Elshenawy
GRID ANATOMY Advanced Computing Concepts – Dr. Emmanuel Pilli.
Andrew J. Hewatt, Gayatri Swamynathan and Michael T. Wen Department of Computer Science, UC-Santa Barbara A Case Study of the WS-Security Framework.
Universally Composable Authentication and Key-exchange with Global PKI Ran Canetti (TAU and BU) Daniel Shahaf (TAU) Margarita Vald(TAU) PKC2016 Taipei,
Lecture 6 (Chapter 16,17,18) Network and Internet Security Prepared by Dr. Lamiaa M. Elshenawy 1.
Cryptography CSS 329 Lecture 13:SSL.
1 Network Security Maaz bin ahmad.. 2 Outline Attacks, services and mechanisms Security attacks Security services Security Mechanisms A model for Internetwork.
Database Management Systems, 3ed, R. Ramakrishnan and J. Gehrke1 Database architecture and security Workshop 4.
Real time Stock quotes by web Service and Securing XML for Web Services security. Bismita Srichandan
SSL: Secure Socket Layer By: Mike Weissert. Overview Definition History & Background SSL Assurances SSL Session Problems Attacks & Defenses.
Network security Presentation AFZAAL AHMAD ABDUL RAZAQ AHMAD SHAKIR MUHAMMD ADNAN WEB SECURITY, THREADS & SSL.
Cryptography and Network Security
Secure Sockets Layer (SSL)
Cryptography and Network Security
The Secure Sockets Layer (SSL) Protocol
Cryptography and Network Security
Presentation transcript:

Cryptographic Aspects of the Grid Security Cryptographic Aspects of the Grid Security Architecture Olivier Chevassut (LBNL)

Outline Introduction —motivations —research objectives Modern Cryptography First-Generation Web Services Security Second-Generation Web Services Security Peer-to-Peer Security Conclusion

Motivation An increasing number of distributed applications need to call functionality from other applications over a network, e.g.An increasing number of distributed applications need to call functionality from other applications over a network, e.g. — Web Services for financial transactions — Web Services for computational Grids An increasing number of these distributed applications have security requirementsAn increasing number of these distributed applications have security requirements — confidentiality of data — protection from hackers — protection from viruses and trojan horses

Research Objectives Provide a reliable communication between an initial requestor and a Web Service providerProvide a reliable communication between an initial requestor and a Web Service provider —message-level communication channel connecting the two entities —messages may be operated on by multiple intermediaries that perform actions (e.g, routing) Provide a secure communication between an initial requestor and a Web Service providerProvide a secure communication between an initial requestor and a Web Service provider —support confidentiality, authenticity, and integrity —support authorization and access control —support secure modification of messages operated on by intermediaries

Outline Introduction Modern Cryptography —methodologies to design cryptographic algorithms —a provable secure design First-Generation Web Services Security Second-Generation Web Services Security Peer-to-Peer Security Conclusion

Design Methodologies Ad hoc or heuristic securityAd hoc or heuristic security —attack-response design not successful —helps avoid known attacks Formal Methods [BAN90]Formal Methods [BAN90] —formal specification tools —successful at finding flaws and redundancy —assurance limited to formal system Provable Security [GM85]Provable Security [GM85] —based on complexity theory —successful at avoiding flaws —useful to validate cryptographic algorithms

How the Science of Provable Security Works 1. Specification of a model of computation –instances of players are modeled via oracles –adversary controls all interactions among the oracles –adversary’s capabilities are modeled by queries to the oracles –adversary plays a game against the oracles 2. Definition of the security goals –authentication and secrecy of session keys –Forward-Secrecy (FS) and Denial of Service (DoS), dictionary attacks 3. Statement of the intractability assumptions –computational/decisional Diffie-Hellman (CDH and DDH) 4. Description of the algorithm and its proof of security –proof shows by contradiction that the algorithm achieves the security goals under the intractability assumptions

Outline Introduction Modern Cryptography First-Generation Web Services Security —transport-layer security is a pragmatic solution —provably secure key-exchange primitives Second-Generation Web Services Security Peer-to-Peer Security Conclusion

Security at the Transport Layer : Architecture Transport Control Protocol (TCP) Hypertext Transfer Protocol (HTTPS) Secure Socket Layer Protocol (SSL) symmetric crypto algorithms key-exchange algorithm

Security at the Transport Layer : Components The TCP protocol provides a reliable communication between the requestor and the WS-provider supportingThe TCP protocol provides a reliable communication between the requestor and the WS-provider supporting —reliable delivery of messages —fifo ordered delivery of messages —membership notifications The SSL protocol provides a secure communication between the requestor and the WS-provider supportingThe SSL protocol provides a secure communication between the requestor and the WS-provider supporting —confidentiality, authenticity, and integrity —authorization and access control —security services optional

A PKI-based Key-Exchange Cryptographic Algorithm Enable the requester and the Web Services provider to establish a session key skEnable the requester and the Web Services provider to establish a session key sk Achieve data secrecy and integrity using the session key to key the AES and HMAC cryptographic primitivesAchieve data secrecy and integrity using the session key to key the AES and HMAC cryptographic primitives x1x1 x2x2 [gx2][gx2] [gx1][gx1] sk = g x 1 x 2 WS-providerRequester

Outline Introduction Modern Cryptography First-Generation Web Services Security Second-Generation Web Services Security —abstract security from the underlying network —SSL-like message-level protocol Peer-to-Peer Security Conclusion

Security at the Application Layer : Architecture Simple Object Access Protocol (SOAP) WS-SecureConversation WS-Security

Security at the Application Layer : Architecture The SOAP protocol provides a loosely-coupled, language- neutral, platform-independent way of linking applications across the InternetThe SOAP protocol provides a loosely-coupled, language- neutral, platform-independent way of linking applications across the Internet —Remote Procedure calls (RPC SOAP) —Messaging between applications (Document-based SOAP) The WS-Security Specification protect sensitive data byThe WS-Security Specification protect sensitive data by —encrypting and signing them —enclosing them in an XML form in SOAP messages The WS-SecureConversation specification is a security message-level protocol (similar to SSL)The WS-SecureConversation specification is a security message-level protocol (similar to SSL) —use WS-Security to achieve confidentiality, authenticity, integrity —use WS-Policy and WS-Trust specifications to achieve authorization and access control

A PKI-based Key-Exchange Cryptographic Algorithm Enable the requester and the Web Services provider to establish a session key skEnable the requester and the Web Services provider to establish a session key sk Achieve data secrecy and integrity using the session key to key the AES and HMAC cryptographic primitivesAchieve data secrecy and integrity using the session key to key the AES and HMAC cryptographic primitives x1x1 x2x2 [g x 2 ] XML-Sig [g x 1 ] XML-Sig sk = g x 1 x 2 WS-providerRequester

Security Measurement: Authenticated Key Exchange Theorem of SecurityTheorem of Security Adv ake (t,q s,q h )  n · Succ cma (t’ ) + 2 · q s n. ·q h ·Succ gcdh (t’’ ) t’,t’’  t + q s · n ·T exp (k) The adversary can break the algorithm in two waysThe adversary can break the algorithm in two ways (1) the adversary forges a signature w.r.t some player’s LL-key => it is possible to build a forger (CMA) (2) the adversary is able to guess the bit b involved in the Test-query => it is possible to solve an instance of the GCDH problem

A Password-based Key-Exchange Cryptographic Algorithm Enable the requester and the Web Services provider to establish a session key skEnable the requester and the Web Services provider to establish a session key sk Achieve data secrecy and integrity using the session key to key the AES and HMAC cryptographic primitivesAchieve data secrecy and integrity using the session key to key the AES and HMAC cryptographic primitives x1x1 x2x2 [g x 2 ] pw [g x 1 ] pw sk = g x 1 x 2 WS-providerRequester

Security Measurement : Dictionary Attacks Ideal-cipher assumptionIdeal-cipher assumption TheoremTheorem Adv ake (T,q s,q e )  2 q s / N + 2 q s · (n-1) · Adv ddh (T’ ) + 2 ·q h ·Succ tgcdh (T’ ) + Cte T’  T + n · (3q s +q e ) ·T exp (k) The theorem shows that the security against dictionary attacks since the advantage of the adversary grows essentially with the ratio of interactions (number of send- queries) to the number of password. The security holds provided that DDH, TGCDH and M-DDH are hard. These terms can be made negligible.

Outline Introduction Modern Cryptography First-Generation Web Services Security Second-Generation Web Services Security Peer-to-Peer Security —multicast-transport security is a pragmatic solution —SSL-like group communication protocol Conclusion

Security at the Multicast-Transport Layer: Architecture Reliable Multicast Transport Protocol Collaborative Application Secure Group Layer (SGL) Symmetric cryptographic algorithms Group DH key exchange algorithm Access control algorithm

The Reliable Multicast Transport Layer Provide SGL with reliable and ordered delivery of messagesProvide SGL with reliable and ordered delivery of messages —data messages are delivered in order - FIFO, partial, and total - at each member of the group Provide SGL with membership notificationsProvide SGL with membership notifications —membership changes delivered in order with respect to data messages Several systems provide a reliable multicast layerSeveral systems provide a reliable multicast layer —e.g., Totem and InterGroup

The Secure Group Layer Symmetric crypto algorithms (e.g. Rijndael and HMAC) —implement an authenticated and encrypted channel A group key-exchange cryptographic primitive enables group members to establish a session key A certificate-based access control mechanism makes sure that only the legitimate parties have access to the session key —off-line (does not participate in key exchange)

The Group Key-Exchange Algorithm [g, g x 1 ] [gx2,gx1,gx1x2][gx2,gx1,gx1x2] [g x 2 x 3, sk = g x 1 x 2 x 3 x1x1 x2x2 x3x3 Up-flow: U i raises received values to the power of x i and forwards to U i+1 Down-flow: U n processes the last up-flow and broadcasts gx1x3]gx1x3]

Security Measurement: Authenticated Key Exchange (AKE) TheoremTheorem Adv ake (t,Q,q s,q h )  2 · n · Succ cma (t’ ) + 2 · Q ·( n s ) ·s ·q h ·Succ gcdh (t’’ ) t’,t’’  t + (Q+q s ) · n ·T exp (k) The adversary can break the protocol in two waysThe adversary can break the protocol in two ways (1) the adversary forges a signature w.r.t some player ’s LL-key => it is possible to build a forger (CMA) (2) the adversary is able to guess the bit b involved in the Test-query => it is possible to come up with an algo that solves an instance of the GCDH problem

The Access Control Algorithm in SGL : a user join 1. Authorization: The user requests its permission from TTP and obtains a membership authorization certificate 2. Join multicast group: 2.1.The user submits a join request 2.2. Secure Group Layer gets a membership change notification 3. Access control: 3.1. The user broadcasts its certificate 3.2. U gc checks the user’s permission and, if authorized, initiates group DH key exchange 4. Deliver secure membership: When the group DH key exchange is done, Secure Group Layer delivers the secure membership notification to the application Secure Group Layer Authorization TTP Reliable multicast transport Reliable multicast transport Reliable multicast transport UserGroup ControllerApplication

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.