Security (and privacy) Larry Rudolph With help from Srini Devedas, Dwaine Clark.

Slides:



Advertisements
Similar presentations
Chapter 14 – Authentication Applications
Advertisements

Authentication Applications. will consider authentication functions will consider authentication functions developed to support application-level authentication.
Key Management. Shared Key Exchange Problem How do Alice and Bob exchange a shared secret? Offline – Doesnt scale Using public key cryptography (possible)
Key distribution and certification In the case of public key encryption model the authenticity of the public key of each partner in the communication must.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
Grid Computing, B. Wilkinson, 20045a.1 Security Continued.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
Chapter 14 From Cryptography and Network Security Fourth Edition written by William Stallings, and Lecture slides by Lawrie Brown, the Australian Defence.
Chapter 4 Authentication Applications. Objectives: authentication functions developed to support application-level authentication & digital signatures.
Grid Security. Typical Grid Scenario Users Resources.
PGP Overview 2004/11/30 Information-Center meeting peterkim.
DESIGNING A PUBLIC KEY INFRASTRUCTURE
DGC Paris Community Authorization Service (CAS) and EDG Presentation by the Globus CAS team & Peter Kunszt, WP2.
 Authorization via symmetric crypto  Key exchange o Using asymmetric crypto o Using symmetric crypto with KDC  KDC shares a key with every participant.
EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 6 Wenbing Zhao Department of Electrical and Computer Engineering.
8-1 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents m sender encrypts message m receiver.
Netprog: Security1 Security Terminology Traditional Unix Security TCP Wrapper Cryptography Kerberos.
CMSC 414 Computer and Network Security Lecture 22 Jonathan Katz.
CERTIFICATES “a document containing a certified statement, especially as to the truth of something ”
Introduction to Public Key Infrastructure (PKI) Office of Information Security The University of Texas at Brownsville & Texas Southmost College.
Security Management.
1 CS 194: Distributed Systems Security Scott Shenker and Ion Stoica Computer Science Division Department of Electrical Engineering and Computer Sciences.
1 Authentication Protocols Celia Li Computer Science and Engineering York University.
Security Protocols in Automation Dwaine Clarke MIT Laboratory for Computer Science January 8, 2002 With help from: Matt Burnside, Todd.
Chapter 10: Authentication Guide to Computer Network Security.
Part Two Network Security Applications Chapter 4 Key Distribution and User Authentication.
Cryptography and Network Security Chapter 14 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.
SSL / TLS in ITDS Arun Vishwanathan 23 rd Dec 2003.
Registration Processing for the Wireless Internet Ian Gordon Director, Market Development Entrust Technologies.
Protecting Internet Communications: Encryption  Encryption: Process of transforming plain text or data into cipher text that cannot be read by anyone.
Computer Security: Principles and Practice First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Chapter 22 – Internet Authentication.
Introduction to Secure Sockets Layer (SSL) Protocol Based on:
E-Commerce Security Professor: Morteza Anvari Student: Xiaoli Li Student ID: March 10, 2001.
Chapter 23 Internet Authentication Applications Kerberos Overview Initially developed at MIT Software utility available in both the public domain and.
SECURITY MANAGEMENT Key Management in the case of public-key cryptosystems, we assumed that a sender of a message had the public key of the receiver at.
10. Key Management. Contents Key Management  Public-key distribution  Secret-key distribution via public-key cryptography.
Introduction1-1 Data Communications and Computer Networks Chapter 6 CS 3830 Lecture 31 Omar Meqdadi Department of Computer Science and Software Engineering.
Kerberos Named after a mythological three-headed dog that guards the underworld of Hades, Kerberos is a network authentication protocol that was designed.
23-1 Last time □ P2P □ Security ♦ Intro ♦ Principles of cryptography.
Network Security7-1 CIS3360: Chapter 8: Cryptography Application of Public Cryptography Cliff Zou Spring 2012 TexPoint fonts used in EMF. Read the TexPoint.
Module 4 Network & Application Security: Kerberos – X509 Authentication service – IP security Architecture – Secure socket layer – Electronic mail security.
Protocols for public-key management. Key management –two problems Distribution of public keys (for public- key cryptography) Distribution of secret keys.
Security Many secure IT systems are like a house with a locked front door but with a side window open -somebody.
Cryptography and Network Security Chapter 14 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.
3/15/01CSCI {4,6}900: Ubiquitous Computing1 Announcements.
SDSI -- A Simple Distributed Security Infrastructure by Ronald L. Rivest MIT Lab for Computer Science (joint work with Butler Lampson)
Security fundamentals Topic 5 Using a Public Key Infrastructure.
Network Security Continued. Digital Signature You want to sign a document. Three conditions. – 1. The receiver can verify the identity of the sender.
Pkiuniversity.com. Alice Bob Honest Abe’s CA Simple PKI hierarchy.
Need for Security Control access to servicesControl access to services Ensure confidentialityEnsure confidentiality Guard against attacksGuard against.
Key Management. Authentication Using Public-Key Cryptography  K A +, K B + : public keys Alice Bob K B + (A, R A ) 1 2 K A + (R A, R B,K A,B ) 3 K A,B.
Integrating Access Control with Intentional Naming Sanjay Raman MIT Laboratory for Computer Science January 8, 2002 With help from: Dwaine.
Digital Signatures and Digital Certificates Monil Adhikari.
SDSI -- A Simple Distributed Security Infrastructure by Ronald L. Rivest MIT Lab for Computer Science (joint work with Butler Lampson)
Mar 28, 2003Mårten Trolin1 This lecture Certificates and key management Non-interactive protocols –PGP SSL/TLS –Introduction –Phases –Commands.
VPN. CONFIDENTIAL Agenda Introduction Types of VPN What are VPN Tokens Types of VPN Tokens RSA How tokens Work How does a user login to VPN using VPN.
Csci5233 Computer Security1 Bishop: Chapter 14 Representing Identity.
Integrating Access Control with Intentional Naming Sanjay Raman MIT Laboratory for Computer Science January 8, 2002 With help from: Dwaine.
X509 Web Authentication From the perspective of security or An Introduction to Certificates.
SECURITY. Security Threats, Policies, and Mechanisms There are four types of security threats to consider 1. Interception 2 Interruption 3. Modification.
Pertemuan #8 Key Management Kuliah Pengaman Jaringan.
Prof. Reuven Aviv, Nov 2013 Public Key Infrastructure1 Prof. Reuven Aviv Tel Hai Academic College Department of Computer Science Public Key Infrastructure.
Key management issues in PGP
Grid Security.
Cryptography and Network Security
Authentication Applications
Information Security message M one-way hash fingerprint f = H(M)
Using SSL – Secure Socket Layer
Presentation transcript:

Security (and privacy) Larry Rudolph With help from Srini Devedas, Dwaine Clark

6.893 Spring 2004: Security Larry Rudolph Who cares about security? Especially important with wireless devices Are you allowed to use this device? authorization Are you who you say you are? authentication Is this device what you think it is? authentication

6.893 Spring 2004: Security Larry Rudolph Where do we need security? Communicate thru insecure area Over internet Through air (bluetooth, ,..) USB keyboard, Monitor via cable Assumed to be secure Shared resources or devices

6.893 Spring 2004: Security Larry Rudolph Public Key Cryptosystem Very quick overview Two keys: K1=Public Key, K2= Private Key Encrypt message, M: E(M,K1) Decrypt message M: D(M,K2) where M = D( E(M,K1), K2) and M = E( D(M,K2), K1) Given K1, M, E(M,K1) cannot easily compute K2.

6.893 Spring 2004: Security Larry Rudolph Signing Messages Alice & Bob have keys A1, A2, B1, B2 When alice sends message M to bob E( M & E(A, A2), B1 ) Bob decrypts message and then uses Alice’s public key, A1 to decrypt the name Alice (A). Bob knows that Alice sent the msg ??

6.893 Spring 2004: Security Larry Rudolph Certification Authority No, it all depends on having correct public keys. How did Alice know that B1 is Bob’s public key? Use a certification authority: some trusted site that associates keys with names. Hierarchy of CA’s

6.893 Spring 2004: Security Larry Rudolph Point to point communication Public Key scheme: many people can send messages to Alice But basically a one-to-one protocol: With signing and with replies Not well suited: pervasive computing Environment filled with devices

6.893 Spring 2004: Security Larry Rudolph Want group keys Want all students in SMA 5508 and to access course web site Want all SMA students to access SMA’s main site, etc. A person belongs to many groups Grant access based on group Add/remove people from group

6.893 Spring 2004: Security Larry Rudolph Student Director … ACL Director … ACL K1 Students Director … ACL K1 Students K1 TAs TA Director’s Office TA Student Usage Scenario

6.893 Spring 2004: Security Larry Rudolph Access Control Security Model Useful mechanism in guarding access to resources Suitable for dynamic environments Each resource maintains a list referencing a set of valid keys Granting, delegating, revoking access user/application does not know accessibility of resource without explicitly attempting access User Resource

6.893 Spring 2004: Security Larry Rudolph SPKI/SDSI Introduction (Simple Public-Key Infrastructure/Simple Distributed Security Infrastructure) A group key infrastructure Build secure, scalable distributed computing systems Fine-grained access control over an untrusted network

6.893 Spring 2004: Security Larry Rudolph SPKI/SDSI Introduction (Simple Public-Key Infrastructure/Simple Distributed Security Infrastructure) Designed by Ron Rivest, Butler Lampson and Carl Ellison Each public key is a CA Name certificate: defines a name in issuer’s name space Authorization certificate: grants a specific authorization from issuer to subject

6.893 Spring 2004: Security Larry Rudolph SPKI/SDSI: Name Certificates Local name spaces Groups Traditional: {MIT Dave_Brown, K DB } K MIT SPKI/SDSI: {K c friends, K d } K {K c friends, K e } K {K c friends, K f } K If ‘K c friends’ is on an ACL, K d, K e and K f are allowed to access the object. c c c

6.893 Spring 2004: Security Larry Rudolph SPKI/SDSI: Name Certificate (cert (issuer (name (public-key (rsa-pkcs1-md5 (e #23#) (n |AMMgMuKpqK13pHMhC8kuxaSeCo+yt8TadcgnG8bEo+erdrSBveY3C MBkkZqrM0St4KkmMuHMXhsp5FX71XBiVW1+JGCBLfI7hxWDZCxGTMg bR4Fk+ctyUxIv3CQ93uYVkg9ca6awCxtS0EI7sLuEB+HKuOLjzTsH+ +Txw9NAHq4r|))) friends)) (subject (public-key (rsa-pkcs1-md5 (e #23#) (n |AKg3tOzoJ5PGQ5q9jzxzwxE8o6bIZ6/cE8gEL+1xJa23viE3bz68ru hpD5muqJ+uyDCNxgAZ0JVXJazmX1QjiGudj9kEmuni8gJRLZRu0T5E3 K7OU2dodu0kdDg32kym7+ooZNe/F0zWGekfESeezyQ25kvNO3XQvMHX afWcYjRw|)))))

6.893 Spring 2004: Security Larry Rudolph SPKI/SDSI: Authorization Model Simple trust policy model Authorizations specified in flexible, user- defined tags Authorizations can be defined as specific or as general as desired Delegation (specific)

6.893 Spring 2004: Security Larry Rudolph SPKI/SDSI: Authorization Certificate (cert (issuer (public-key (rsa-pkcs1-md5 (e #23#) (n |AMMgMuKpqK13pHMhC8kuxaSeCo+yt8TadcgnG8bEo+erdrSBveY3C MBkkZqrM0St4KkmMuHMXhsp5FX71XBiVW1+JGCBLfI7hxWDZCxGTMg bR4Fk+ctyUxIv3CQ93uYVkg9ca6awCxtS0EI7sLuEB+HKuOLjzTsH+ +Txw9NAHq4r|)))) (subject (public-key (rsa-pkcs1-md5 (e #23#) (n |AKg3tOzoJ5PGQ5q9jzxzwxE8o6bIZ6/cE8gEL+1xJa23viE3bz68ru hpD5muqJ+uyDCNxgAZ0JVXJazmX1QjiGudj9kEmuni8gJRLZRu0T5E3 K7OU2dodu0kdDg32kym7+ooZNe/F0zWGekfESeezyQ25kvNO3XQvMHX afWcYjRw|)))) (tag (http (* set GET POST) (* prefix (propagate))

6.893 Spring 2004: Security Larry Rudolph (tag (http (* set GET POST) (* prefix SPKI/SDSI: Tag Intuitively, a tag is a set of requests.

6.893 Spring 2004: Security Larry Rudolph Proxy to Proxy Alice (Client Proxy)Bob (Server Proxy) D a (private key) E a (public key) Alice’s client certs List of CA certs D b (private key) E b (public key) ACL Server certs Set up SSL connection: Server auth Session key for privacy Freshness (nonce) Protection from MIM Initialization:

6.893 Spring 2004: Security Larry Rudolph Proxy to Proxy Case 1: user’s key is directly on the ACL Alice (Client)Bob (Server) D a (private key) E a (public key) Alice’s client certs List of CA certs D b (private key) E b (public key) ACL Server certs [tag] Da Response ACL: {E c, E b, E a} Signed by alice

6.893 Spring 2004: Security Larry Rudolph Proxy to Proxy Alice (Client Proxy) Bob (Server Proxy) D a (private key) E a (public key) Alice’s client certs List of CA certs D b (private key) E b (public key) ACL Server certs [tag] Da Rejected: [tag] Da, certs ACL Case 2: user’s key is “indirectly” on the ACL Client performs certificate chain discovery. Server verifies certificate chain. ACL: {‘E b friends’}

6.893 Spring 2004: Security Larry Rudolph Certificate Chaining Example Bob’s ACL says only MIT faculty are allowed to access his server. Alice’s first request is simply signed with Alice’s key, and Bob rejects this request. Alice’s second request contains a chain consisting of the following certificates: A certificate saying she is an LCS Professor A second certificate saying LCS Professors are MIT faculty

6.893 Spring 2004: Security Larry Rudolph Certificate Chain Discovery (Client Proxy) Derive certificate chains Input: device’s ACL, requestor’s public key, requestor’s set of signed certificates, tag Output: a chain of certificates leading from an entry on the ACL to the requestor’s public key. (The certificate chain consists of signed certificates. It proves that the requestor is authorized to perform the tag’s operations on the device.) * Recall, intuitively, a tag is a set of requests.

6.893 Spring 2004: Security Larry Rudolph Certificate Chain Verification (Server Proxy) Verify certificate chains Input: device’s ACL, requestor’s public key, requestor’s certificate chain, tag Output: 1 if certificate chain proves that the public key is authorized to perform the tag’s operations on the device; 0 otherwise.

6.893 Spring 2004: Security Larry Rudolph Proxy to Proxy Alice (Client Proxy)Bob (Server Proxy) D a (private key) E a (public key) Alice’s client certs List of CA certs D b (private key) E b (public key) ACL Server certs [tag] Da Rejected: [tag] Da, certs ACL Case 2 revisited user’s key is “indirectly” on the ACL Signed request provides proof of authenticity of the request Certificate chain provides proof that the request is authorized

6.893 Spring 2004: Security Larry Rudolph Example: Public resource Mary wants to turn on/off a public light switch. 1.Mary sends request (either signed or unsigned) via her proxy to the light switch’s proxy. [tag] D m Light switch’s proxy may require requests to be signed for auditing purposes. “ok” 2.Light switch’s proxy has no ACL. It honors Mary’s request.

6.893 Spring 2004: Security Larry Rudolph Example: user’s key directly on ACL Mary wants to log into an account on a dialup machine. ACL: {E c, E f, E m} 1.Mary sends signed request via her proxy to the dialup’s proxy. [tag] D m “ok” 2.Dialup’s proxy has an ACL which contains Mary’s public-key. It checks the signature on Mary’s request, and honors Mary’s request to login if the signature verifies.

6.893 Spring 2004: Security Larry Rudolph Example:user’s key is indirectly on ACL Mary wants to play music on John’s speaker. ACL: {‘E j friends’} 1.Mary sends signed request via her proxy to John’s speaker’s proxy. [tag] D m “ok” 4.John’s speaker’s proxy verifies second request. [tag] Dm, {‘E j friends’, E m } Ej 3.Mary’s proxy derives a chain of certificates and sends second request to John’s speaker’s proxy. ACL 2.John’s speaker’s proxy rejects first request, and returns the ACL.

6.893 Spring 2004: Security Larry Rudolph More “fun” Integrating access control with name lookup services Trusting untrusting devices Using public terminals in Startbucks as a cache for handheld

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.