Lecture 16: Security CDK4: Chapter 7 CDK5: Chapter 11 TvS: Chapter 9.

Slides:

Advertisements

Similar presentations

AUTHENTICATION AND KEY DISTRIBUTION

Advertisements

Chapter 14 – Authentication Applications

Key Management. Shared Key Exchange Problem How do Alice and Bob exchange a shared secret? Offline – Doesnt scale Using public key cryptography (possible)

Key distribution and certification In the case of public key encryption model the authenticity of the public key of each partner in the communication must.

Last Class: The Problem BobAlice Eve Private Message Eavesdropping.

CIS 725 Key Exchange Protocols. Alice ( PB Bob (M, PR Alice (hash(M))) PB Alice Confidentiality, Integrity and Authenication PR Bob M, hash(M) M, PR Alice.

Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York.

1 Network Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Chapter 14 From Cryptography and Network Security Fourth Edition written by William Stallings, and Lecture slides by Lawrie Brown, the Australian Defence.

Http Web Authentication Web authentication is used to verify a users identity before allowing access to certain web pages On web browsers you get a login.

1 Digital Signatures & Authentication Protocols. 2 Digital Signatures have looked at message authentication –but does not address issues of lack of trust.

Department of Information Engineering1 Major Concerns in Electronic Commerce Authentication –there must be proof of identity of the parties in an electronic.

Computer Security Key Management

8-1 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents m sender encrypts message m receiver.

Presented by Xiaoping Yu Cryptography and PKI Cosc 513 Operating System Presentation Presented to Dr. Mort Anvari.

Security Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to: –Describe the reasons for having system.

More on AuthenticationCS-4513 D-term More on Authentication CS-4513 Distributed Computing Systems (Slides include materials from Operating System.

1 CS 194: Distributed Systems Security Scott Shenker and Ion Stoica Computer Science Division Department of Electrical Engineering and Computer Sciences.

1 CS 194: Distributed Systems Security Scott Shenker and Ion Stoica Computer Science Division Department of Electrical Engineering and Computer Sciences.

1 Authentication Protocols Celia Li Computer Science and Engineering York University.

Alexander Potapov.  Authentication definition  Protocol architectures  Cryptographic properties  Freshness  Types of attack on protocols  Two-way.

Chapter 31 Network Security

31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.

CS5204 – Fall Cryptographic Security Presenter: Hamid Al-Hamadi October 13, 2009.

Computer Security Tran, Van Hoai Department of Systems & Networking Faculty of Computer Science & Engineering HCMC University of Technology.

Chi-Cheng Lin, Winona State University CS 313 Introduction to Computer Networking & Telecommunication Network Security (A Very Brief Introduction)

Part Two Network Security Applications Chapter 4 Key Distribution and User Authentication.

Cryptography, Authentication and Digital Signatures

CSCD 218 : DATA COMMUNICATIONS AND NETWORKING 1

4 th lecture.  Message to be encrypted: HELLO  Key: XMCKL H E L L O message 7 (H) 4 (E) 11 (L) 11 (L) 14 (O) message + 23 (X) 12 (M) 2 (C) 10 (K) 11.

Chapter 21 Distributed System Security Copyright © 2008.

Network Security Lecture 23 Presented by: Dr. Munam Ali Shah.

From Coulouris, Dollimore, Kindberg and Blair Distributed Systems: Concepts and Design Edition 5, © Addison-Wesley 2012 Slides for Chapter 11: Security.

Network Security7-1 CIS3360: Chapter 8: Cryptography Application of Public Cryptography Cliff Zou Spring 2012 TexPoint fonts used in EMF. Read the TexPoint.

Encryption Questions answered in this lecture: How does encryption provide privacy? How does encryption provide authentication? What is public key encryption?

Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved DISTRIBUTED.

Advanced Database Course (ESED5204) Eng. Hanan Alyazji University of Palestine Software Engineering Department.

31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.

Digital Signatures, Message Digest and Authentication Week-9.

Security Many secure IT systems are like a house with a locked front door but with a side window open -somebody.

Cryptography: Digital Signatures Message Digests Authentication

31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.

Cryptography and Network Security Chapter 14 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.

1 Chapter 10: Key Management in Public key cryptosystems Fourth Edition by William Stallings Lecture slides by Lawrie Brown (Modified by Prof. M. Singhal,

Network Security Continued. Digital Signature You want to sign a document. Three conditions. – 1. The receiver can verify the identity of the sender.

Protocol Analysis. CSCE Farkas 2 Cryptographic Protocols Two or more parties Communication over insecure network Cryptography used to achieve goal.

Lecture 11 Overview. Digital Signature Properties CS 450/650 Lecture 11: Digital Signatures 2 Unforgeable: Only the signer can produce his/her signature.

Network Security Celia Li Computer Science and Engineering York University.

Lecture 9 Overview. Digital Signature Properties CS 450/650 Lecture 9: Digital Signatures 2 Unforgeable: Only the signer can produce his/her signature.

EE 122: Lecture 24 (Security) Ion Stoica December 4, 2001.

IT 221: Introduction to Information Security Principles Lecture 5: Message Authentications, Hash Functions and Hash/Mac Algorithms For Educational Purposes.

Fall 2006CS 395: Computer Security1 Key Management.

9.2 SECURE CHANNELS JEJI RAMCHAND VEDULLAPALLI. Content Introduction Authentication Message Integrity and Confidentiality Secure Group Communications.

Cryptographic Security Aveek Chakraborty CS5204 – Operating Systems1.

SECURITY. Security Threats, Policies, and Mechanisms There are four types of security threats to consider 1. Interception 2 Interruption 3. Modification.

Pertemuan #8 Key Management Kuliah Pengaman Jaringan.

Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved DISTRIBUTED SYSTEMS.

Fourth Edition by William Stallings Lecture slides by Lawrie Brown

The Secure Sockets Layer (SSL) Protocol

Computer Communication & Networks

NET 311 Information Security

Message Security, User Authentication, and Key Management

CDK4: Chapter 7 CDK5: Chapter 11 TvS: Chapter 9

The Secure Sockets Layer (SSL) Protocol

CDK: Chapter 7 TvS: Chapter 9

Electronic Payment Security Technologies

Presentation transcript:

Lecture 16: Security CDK4: Chapter 7 CDK5: Chapter 11 TvS: Chapter 9

15-Nov-15COMP28112 Lecture 162 Security in 1 machine Within 1 machine, the OS is responsible for Verifying users’ identities Checking access rights to shared objects Not too difficult! But a network brings new problems: Different machines – identity mapping Network weaknesses ….

15-Nov-15COMP28112 Lecture 163 Security Problems of the Network Messages can be: Read => loss of secrecy/privacy Altered Created containing forged information Copied and replayed Can also have denial of service attacks

15-Nov-15COMP28112 Lecture 164 Cryptography All the problems with messages find solutions based on The inclusion (and checking) of extra information (e.g. sequence nos.) and Encryption –Using some algorithm, plaintext is converted to encrypted text

15-Nov-15COMP28112 Lecture 165 Secure Channels How to make client-server communication secure? –1. Authentication of the communicating parties. We may need to ensure message integrity, confidentiality, etc. –2. Authorization. Is the client authorized to have that request carried out? Relates to controlling access to the resources (granting access rights). A secure channel (Voydock and Kent, 1983) protects senders and receivers against interception, modification and fabrication of messages.

15-Nov-15COMP28112 Lecture 166 Properties of Secure Channels A secure channel connects two processes and: Ensures each process knows reliably the identity of the principal on whose behalf the other process is acting Each message includes a physical or logical time stamp to prevent replay or reordering

15-Nov-15COMP28112 Lecture 167 Digital Signatures Need an electronic version of a signature to authenticate a message Unlike paper signatures, we need to stop a signature being attached to other messages by cutting and pasting! So a signature will include the message or a secure digest derived from the signed message.

15-Nov-15COMP28112 Lecture 168 Secure digests A digest is also called a secure hash function. Need to be sure that, given the digest value, the receiver cannot invent another message which yields the same digest value!

15-Nov-15COMP28112 Lecture 169 Uses of signatures There are two aspects: Authentication – receiver knows that the message is from the signer, because it is assumed impossible to forge a signature Non-repudiation – the sender can’t deny sending the message

15-Nov-15COMP28112 Lecture 1610 Keys in Cryptography Two kinds: Shared secret keys – the major problem is how to establish a shared secret key between principals who never meet! Public/private key pairs – every one has such a pair; everyone knows all the public keys, only the principal knows the private. Need other key to decrypt message.

15-Nov-15COMP28112 Lecture 1611 Public key encryption Requires 100 – 1000 times as much processing power as secret-key algorithms Rely on the “impossibility” of deriving the private key from the public one

15-Nov-15COMP28112 Lecture 1612 Pragmatics Better not to rely on secrecy of encryption algorithms – in practice clients and servers need to know, or even negotiate, these – rely only on keys Bigger keys take longer to crack – but it is often just a matter of time, and the timescale gets shorter as attackers get more powerful computers

15-Nov-15COMP28112 Lecture 1613 Sending a confidential message A -> B: Message encrypted with B’s public key Only B can decrypt OR (more practically) A -> B: 1-off session key, K, encrypted with B’s public key A -> B: Message encrypted with K

15-Nov-15COMP28112 Lecture 1614 Digital Signature with Public Keys A -> B: A’s identity, and the message encrypted with A’s private key B can decrypt using A’s public key – and the fact that this works proves that A encrypted it – as only A knows that key. To keep the above confidential, A could encrypt the whole with B’s public key!

15-Nov-15COMP28112 Lecture 1615 Key distribution Need a way to get the public keys This needs to be secure – e.g. if an enemy intercepts the request for a key, it can reply with one it invented On an intranet, we can design a simple protocol for an authentication server

15-Nov-15COMP28112 Lecture 1616 Digital Certificates In the wider world, we need to be able to be sure that servers (and clients) are who they claim to be (and give their public keys). A certificate is an unforgeable document issued by a more trustworthy source Thus a certification chain is established Revocation – hard, use expiry date

15-Nov-15COMP28112 Lecture 1617 Needham-Schroeder Authentication Protocol Designed for use with an authentication server, S, which has secret keys for all principals How to get two processes, A and B, communicating securely without revealing secret keys to each other Used in Kerberos (within Intranets)

15-Nov-15COMP28112 Lecture 1618 Cryptography notations KAKA Alice’s secret key KBKB Bob’s secret key K AB Secret key shared between Alice and Bob K Apriv Alice’s private key (known only to Alice) K Apub Alice’s public key (published by Alice for all to read) {M} K MessageM encrypted with keyK [M]K]K MessageM signed with key K

15-Nov-15COMP28112 Lecture 1619 The Needham–Schroeder secret-key authentication protocol (7.14 in CDK) HeaderMessageNotes 1. A->S: A, B, N A A requests S to supply a key for communication with B. 2. S->A:{N A, B, K AB, {K AB, A} K B } K A S returns a message encrypted in A’s secret key, containing a newly generated key K AB and a ‘ticket’ encrypted in B’s secret key. The nonce N A demonstrates that the message was sent in response to the preceding one. A believes that S sent the message because only S knows A’s secret key. 3. A->B: A sends the ‘ticket’ to B. 4. B->A: B decrypts the ticket and uses the new key K AB to encrypt another nonce N B. 5. A->B: A demonstrates to B that it was the sender of the previous message by returning an agreed transformation of N B. {K AB, A} K B {N B } K AB {N B - 1} K AB

15-Nov-15COMP28112 Lecture 1620 The same also from TvS (Fig 9.17)

15-Nov-15COMP28112 Lecture 1621 Summary Whole 3 rd year course on using Cryptography in Networks …. This lecture has only scratched the surface – read Chapter 7 of CDK4 or Chapter 11 of CDK5 or Chapter 9 of TvS if you are interested.