Presentation is loading. Please wait.

Presentation is loading. Please wait.

CMSC 414 Computer and Network Security Lecture 26 Jonathan Katz.

Published byIrene Heaslip Modified over 10 years ago

Similar presentations

Presentation on theme: "CMSC 414 Computer and Network Security Lecture 26 Jonathan Katz."— Presentation transcript:

1 CMSC 414 Computer and Network Security Lecture 26 Jonathan Katz

2 Administrivia  Final exam reminder + study guide –DSS students contact me

3 Network security protocols in practice

4 Network layers  Application  Transport  Network  Data link  Physical

5 Roughly…  Application layer: the communicating processes themselves and the actual ‘content’ transmitted  Transport layer (TCP/UDP): “end-to-end” communication; reliability; flow control  Network layer (IP): “host-to-host” communication; routing  Data link layer (Ethernet/WiFi): transmission of frames over a single hop

6 Example security protocols  Application layer: PGP, SSH  Transport layer: SSL/TLS  Network layer: IPsec  Data link layer: IEEE 802.11 (WEP, WPA)

7 Security in what layer?  Depends on the purpose… –How are keys provisioned/shared? –Should the (human) user be involved? –Semantics: authenticate user-to-user, or host-to-host?

8 Security in what layer?  Depends on what’s available –E.g., consider a user connecting to a website from a café (over a wireless network) –End-to-end encryption might be unavailable (e.g., if website does not support encryption) –Eavesdropping on Internet backbone less likely than eavesdropping on wireless link in café –Encrypt link from user to wireless router –Link-layer encryption more appropriate Link-layer authentication also possible

9 Security in what layer?  Depends on the threat model/what threats are being addressed –What information needs to be protected? (Ports, IP addresses?) –E.g., network-layer authentication will not prevent DoS attacks at link level (e.g., ARP spoofing, replay disconnect messages, overloading access point) –E.g., an application-layer protocol cannot protect IP header information –End-to-end, or hop-by-hop?

10 Security in what layer?  Security interactions with various layers –E.g., if TCP accepts a packet which is rejected by the application above it, then TCP will reject the “correct” packet (detecting a replay) when it arrives! –E.g., if higher-layer header data is used by a firewall to make decisions, this is incompatible with network-layer encryption (if it encrypts headers)

11 Generally…  When security is placed at lower levels, it can provide automatic, “blanket” coverage… –…but it can take a long time before it is widely adopted –Can be inefficient to encrypt everything  When security is placed at higher levels, individual users can choose when to use it… –…but users who are not security-conscious may not take advantage of it –Can encrypt only what is necessary

12 Example: PGP vs. SSL vs. IPsec  PGP is an application-level protocol for “secure email” –Can provide security over insecure networks –Users choose when to use PGP; user must be involved –Alice’s signature on an email proves that Alice actually generated the message, and it was received unaltered; also non-repudiation In contrast, SSL secures “the connection” from Alice’s computer; would need additional mechanisms to authenticate the user –Communication with off-line party (i.e., email)

13 Example: PGP vs. SSL vs. IPsec  SSL sits at the transport layer, “above” TCP –Packet stream authenticated/encrypted –End-to-end security, best for connection-oriented sessions (e.g., http traffic) –User does not need to be involved –The OS does not have to change, but applications do if they want to communicate securely

14 Example: PGP vs. SSL vs. IPsec  IPsec sits at the network layer –Individual packets authenticated/encrypted –End-to-end or hop-by-hop security –Need to modify OS –All applications “protected” by default, without requiring any change to applications or actions on behalf of users –Only authenticates hosts, not users –User can be completely unaware that IPsec is running

15 SSL/TLS

16 Brief history…  SSLv2 deployed in Netscape 1.1 (1995)  Modified version of SSLv3 standardized as TLS  This overview will not focus on the differences; I just say “SSL” for convenience  SSL is a major success story! –Used extensively and (almost) exclusively to secure web traffic

17 Broad overview  SSL runs on top of TCP –Advantage: does not require changes to TCP  From the programmer’s point of view, it sits at the transport layer –Same API as for TCP –Runs only with TCP, not UDP  Primarily used for HTTP traffic

18 SSL overview  Three phases –Handshake –Key derivation –Data transfer

19 Handshake + key derivation  Client sends list of supported crypto algorithms and nonce R C  Server sends a certificate, selects a crypto algorithm, and sends nonce R S –Nonce protects against client impersonation  Client encrypts random K with server’s public key  Client/server derive session keys from R C, R S, K –Prevents replay attacks  Client sends a MAC of the handshake; server responds with the same

20 Sessions and connections  One session may have multiple simultaneous connections  Can derive per-connections keys by exchanging fresh R C, R S, and using session (master) key K

21 Data transfer  Client and server use K to establish four keys: encryption and authentication, for each direction  SSL breaks data stream into records; appends a MAC to each record; and then encrypts the result –Mac-then-encrypt… –What would have been a better choice?  The MAC is computed over the record plus a sequence number –Prevents replay, re-ordering, or dropping packets

22 SSL security  Provides confidentiality, integrity, and unidirectional authentication –Client wants to make sure they are talking to the right merchant; merchant does not care who client is  Mutual authentication supported –If server requests it, and client has a certificate –Note that mutual authentication may be done at application level (e.g., password-based login)

Download ppt "CMSC 414 Computer and Network Security Lecture 26 Jonathan Katz."

Similar presentations

1 Lecture 17: SSL/TLS history, architecture basic handshake session initiation/resumption key computation negotiating cipher suites application: SET.

1 Lecture 17: SSL/TLS history, architecture basic handshake session initiation/resumption key computation negotiating cipher suites application: SET.
1 Lecture 12 SSL/TLS (Secure Sockets Layer / Transport Layer Security) CIS 4362 - CIS 5357 Network Security.

1 Lecture 12 SSL/TLS (Secure Sockets Layer / Transport Layer Security) CIS CIS 5357 Network Security.
TLS. 14.1 Introduction 14.2 TLS Record Protocol 14.3 TLS Handshake Protocol 14.4 Summary.

TLS Introduction 14.2 TLS Record Protocol 14.3 TLS Handshake Protocol 14.4 Summary.
Secure Socket Layer.

Secure Socket Layer.
SSL CS772 Fall 2011. Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.

SSL CS772 Fall Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.
Unifying the conceptual levels of network security through use of patterns Ph.D Dissertation Proposal Candidate: Ajoy Kumar, Advisor: Dr Eduardo B. Fernandez.

Unifying the conceptual levels of network security through use of patterns Ph.D Dissertation Proposal Candidate: Ajoy Kumar, Advisor: Dr Eduardo B. Fernandez.
Socket Layer Security. In this Presentation: need for web security SSL/TLS transport layer security protocols HTTPS secure shell (SSH)

Socket Layer Security. In this Presentation: need for web security SSL/TLS transport layer security protocols HTTPS secure shell (SSH)
Security S-72.3240 Wireless Personal, Local, Metropolitan, and Wide Area Networks1 Contents Security requirements Public key cryptography Key agreement/transport.

Security S Wireless Personal, Local, Metropolitan, and Wide Area Networks1 Contents Security requirements Public key cryptography Key agreement/transport.
Working Connection Computer and Network Security - SSL, IPsec, Firewalls – (Chapter 17, 18, 19, and 23)

Working Connection Computer and Network Security - SSL, IPsec, Firewalls – (Chapter 17, 18, 19, and 23)
An Introduction to Secure Sockets Layer (SSL). Overview Types of encryption SSL History Design Goals Protocol Problems Competing Technologies.

An Introduction to Secure Sockets Layer (SSL). Overview Types of encryption SSL History Design Goals Protocol Problems Competing Technologies.
CCNA – Network Fundamentals

CCNA – Network Fundamentals
Module 5: TLS and SSL 1. Overview Transport Layer Security Overview Secure Socket Layer Overview SSL Termination SSL in the Hosted Environment Load Balanced.

Module 5: TLS and SSL 1. Overview Transport Layer Security Overview Secure Socket Layer Overview SSL Termination SSL in the Hosted Environment Load Balanced.
BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.

BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.
CMSC 414 Computer (and Network) Security Lecture 26 Jonathan Katz.

CMSC 414 Computer (and Network) Security Lecture 26 Jonathan Katz.
Internet Protocol Security An Overview of IPSec. Outline:  What Security Problem?  Understanding TCP/IP.  Security at What Level?  IP Security. 

Internet Protocol Security An Overview of IPSec. Outline:  What Security Problem?  Understanding TCP/IP.  Security at What Level?  IP Security. 
CS470, A.SelcukReal-Time Communication Issues1 Real-Time Communication Security IPsec & SSL Issues CS 470 Introduction to Applied Cryptography Instructor:

CS470, A.SelcukReal-Time Communication Issues1 Real-Time Communication Security IPsec & SSL Issues CS 470 Introduction to Applied Cryptography Instructor:
Lecture 22 Internet Security Protocols and Standards

Lecture 22 Internet Security Protocols and Standards
K. Salah 1 Chapter 31 Security in the Internet. K. Salah 2 Figure 31.5 Position of TLS Transport Layer Security (TLS) was designed to provide security.

K. Salah 1 Chapter 31 Security in the Internet. K. Salah 2 Figure 31.5 Position of TLS Transport Layer Security (TLS) was designed to provide security.
CMSC 414 Computer and Network Security Lecture 27 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 27 Jonathan Katz.
Securing TCP/IP Chapter 6. Introduction to Transmission Control Protocol/Internet Protocol (TCP/IP) TCP/IP comprises a suite of four protocols The protocols.

Securing TCP/IP Chapter 6. Introduction to Transmission Control Protocol/Internet Protocol (TCP/IP) TCP/IP comprises a suite of four protocols The protocols.

Similar presentations

Ads by Google