Presentation is loading. Please wait.

Presentation is loading. Please wait.

Distributed Systems CS 15-440 Security – Part I Lecture 21, Nov 28, 2011 Majd F. Sakr, Vinay Kolar, Mohammad Hammoud.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Distributed Systems CS 15-440 Security – Part I Lecture 21, Nov 28, 2011 Majd F. Sakr, Vinay Kolar, Mohammad Hammoud."— Presentation transcript:

1 Distributed Systems CS 15-440 Security – Part I Lecture 21, Nov 28, 2011 Majd F. Sakr, Vinay Kolar, Mohammad Hammoud

2 Today…  Last Sessions  Programming Models  Guest Lecture about Grid Computing  Today’s session  Security  Introduction  Cryptography, Secure Channels  Announcement  Changes in the lecture sequence:  This week: Security  From next Monday: Virtualization 2

3 Why Security in Distributed Systems? Distributed Systems rely on sharing of resources across different networked entities Most vital/secret data handled by distributed components A single security flaw compromises the whole system Malware and viruses can spread from one part of the system to another easily Users across the world may have access to the system Cyber criminals, hackers Security lapses result in Loss of confidence, Claims for damages, Loss of privacy 3

4 Overview 4 Introduction Threats, policies and mechanisms Cryptography Secure Channels Authentication Message Integrity and Confidentiality Access Control Access Control Matrix Protection Domains Security Management Key Management Authorization Management Today’s lecture

5 Overview Security Introductory Concepts Security threats Policy and Mechanisms Cryptographic Systems Secure Channels 5

6 Introduction to Security What services do you expect from secure Distributed Systems? Secure DS should provide Confidentiality of Information Information is disclosed only to authorized parties Integrity of Information Alterations to system’s assets is made only in an authorized way 6 Secure DS are immune against possible security threats that compromise confidentiality and integrity

7 Security Threats What are the security threats when two entities communicate? 7 Alice Bob Let us meet at 12 PM Eve/ Chuck

8 Types of Security Threats (1) 1.Interception Unauthorized party has gained access to a service or data Example: Illegal copying of files, Eavesdropping over network 2.Interruption Services or data become unavailable, unusable or destroyed Example: Denial-of-Service (DoS) Attacks 8 Alice Bob Alice: Let us meet at 12 PM Eve Alice Bob Eve Alice: Let us meet at 12 PM (*##0DF * DF !34#*

9 Types of Security Threats (2) 3.Modification Unauthorized changing of data or tampering with services Example: Changing a program to secretly log the activities 4.Fabrication Additional data or activity is generated that would normally not exist Example: Replay attacks 9 Alice Bob Alice: Let us meet at 12 PM Eve Alice Bob Eve Alice: Let us meet at 12 PM Alice: Let us meet at 3 PM

10 Security Policy and Mechanisms To build a secure DS, we need to 10 Describe the security requirements: which actions the entities are allowed to take which actions are prohibited Formulate Security PoliciesBuild Security Mechanisms Specifies what is to be done Specifies how policies are implemented Implement mechanisms to: Protect data transferred Verify identity of an entity Secure access permissions

11 Security Mechanisms Four core components of security mechanisms 1.Encryption Transform the data to something that attacker cannot understand 2.Authentication Verifies the claimed identity of the user, host or other entity 3.Authorization Verifies if the entity is authorized to perform an operation 4.Auditing To trace which clients accessed what, and which way 11 Cryptographic Algorithms and Secure Channels Access Control

12 Overview Security Introductory Concepts Cryptographic Systems Types of systems Cryptographic hash functions Protocols Secure Channels 12

13 Intruder Cryptographic systems 13 Cryptography is the study of techniques for secure communication in the presence of third parties Sender Receiver P Plain text message K Encryption key Encryption Algorithm C=E K (P) Cipher text Decryption Algorithm K Decryption key P=D K (C) Passive Intruder Active Intruder Communication Channel C C C’ Passive Intruder can listen to C Active Intruder can listen and modify C, and insert messages C=E K (P)  C is obtained by encrypting the plain text P with key K P=D K (C)  P is obtained by decrypting the cipher text P with key K

14 Types of Cryptographic Systems Two types 1.Symmetric Cryptosystem (Shared-key system) 2.Asymmetric Cryptosystem (Public-key system) 14

15 Symmetric Cryptographic System 15 Alice Bob

16 Public-key Cryptographic System 16

17 Encryption in Public-key system Scenario: Alice (A) wants to send to Bob (B) Problem: Only Bob should be able to decrypt the message Approach: At A: Encrypt using B’s public key At B: Decrypt using B’s private key 17 A A B B Drawback: How does ‘B’ know that ‘A’ sent the message?

18 Authentication in Public-key system Scenario: Alice (A) wants to send a message to Bob (B) Problem: Bob wants to make sure that message came from Alice (and not from some intruder) Approach: At A: Encrypt using A’s private key At B: Decrypt using A’s public key 18 A A B B Drawback: How to ensure that ONLY ‘B’ gets the message?

19 Combining encryption and authorization Scenario: Alice (A) wants to send a message to Bob (B) Many algorithms use a combination of the above two methods to: Ensure that only Bob can decrypt the message Bob can verify that Alice has sent the messages Approach: Encrypt/Decrypt using a combination of keys A widely used method in many secure algorithms 19 A A B B What happens if intruder ‘C’ modifies message ‘m’ sent by ‘A’? Some part of message ‘m’ should contain data that is verifies the message

20 Cryptographic Hash Functions 20

21 Properties of Cryptographic Hash Functions 21

22 Encryption/Decryption Functions 22

23 Additional Properties of Encryption/Decryption Functions 23 * Property names given are meant for understanding, and is not widely used in the community

24 Overview Security Introductory Concepts Cryptographic Systems Types of systems Symmetric systems Public-key systems Cryptographic hash functions ProtocolsDESRSAHybrid Secure Channels 24

25 Protocols in Cryptosystems We will study three protocols in cryptosystems Data Encryption Standard (DES) Encryption/Decryption in Symmetric Cryptosystems RSA protocol Encryption/Decryption in Public-Key cryptosystems Hybrid Cryptographic protocol A combination of Symmetric and Public-Key based system 25

26 DES Protocol 26... KMKM KMKM DES Encryption Algorithm... KMKM KMKM DES Decryption Algorithm 64-bit plain-text 64-bit Cipher-text 64-bit plain-text 56-bit key

27 DES Encryption Algorithm 1.Permute a 64-bit block 2.16 rounds of identical operations 3.In each round i i.Divide the block into 2 halves L i and R i ii.Extract 48-bit key K i from K M iii.Mangle the bits in L i and R i using K i to produce R i+1 iv.Extract R i as L i+1 4.Perform an inverse permutation on the block L 16 -R 16 to produce the encrypted output block 27... L1R1 KMKM KMKM K1K1 K1K1 f(L1,R1,K1) L2R2 Input blockMaster Key Round 1 Round 16 K 16 f(L16,R16,K16) L16R16 L15R15... Encrypted output block

28 Discussion about DES DES encryption and decryption is relatively fast DES has disadvantages of a Symmetric Cryptosystem Requires sender and receiver to exchange K M For N-user system, DES needs N(N-1)/2 master key pairs History of DES: DES was invented in 1974 In 1997, it was shown that DES can be easily cracked using brute-force attacks Triple-DES is in use in some systems It applies DES three times using two keys 28

29 RSA protocol Invented by Rivest, Shamir and Adleman (RSA) as a protocol for Public-key systems Approach: 1.Choose two very large prime numbers, p and q 2.Compute n = pq 3.Compute z = (p-1)(q-1) 4.Choose a number e that is relatively prime to z e is co-prime to z 5.Compute the number d such that de % z = 1 This is equivalent to finding de = 1 + kz for some integer k Depending on the requirement, d and e can be used as public and private keys d is used for decryption; e is used for encryption 29 Example * n = 7*19 = 133 z = 6*18 = 108 e=5 p=7; q=19 d=65 for m=325 * The numbers chosen in the example are for illustration. Prime numbers with 100s of digits are chosen in the actual RSA algorithm

30 Example: RSA protocol for encryption (1) Scenario: Alice (A) wants to send to Bob (B) Problem: Only Bob should be able to decrypt the message Given d and e are the two keys computed by RSA, which row indicates correct choice of keys? 30 A A B B Correct/ Incorrect AliceBob de ed de ed x x Correct x

31 Example: RSA protocol for encryption (2) At the sender: Split the message into fixed-length blocks of size s (0 <= s < n) For each block m i Sender calculates the encrypted message c i such that c i =m i e (mod n) Send c i to the receiver At the receiver: Receive c i from sender For each block c i Compute actual message m i = c i d (mod n) Merge all c i ’s to obtain the complete message 31 Example s = 132 m i = 6 Calculated Values p=7; q=19; n=133; d=65; e=5 c i = 6 5 (mod 133) = 62 m i = 62 65 (mod 133) = 6

32 Discussion about RSA RSA has advantages of Public-key system Harder to break the code For a N-user system, RSA needs only 2N keys Computation time of RSA is much larger than DES Approximately 100-1000 times slower 32

33 Hybrid Cryptographic protocols Large scale distributed systems use a combination of symmetric and public-key protocols Leveraging the advantages of both schemes Encryption based on Public-key are more secure Authenticate using RSA Exchange the “secret key” using RSA for a session Encryption based on Symmetric keys are faster Exchange large data using the above “secret key” 33

34 Beyond Cryptographic Mechanisms Many users, clients and servers need to dynamically send messages in a distributed system How can an end-to-end secure distributed system be built using the cryptographic mechanisms? How can each message and user be protected against security threats? How do clients and processes authenticate? What protocols are needed for these? What is their complexity? 34

35 Overview Security Introductory Concepts Cryptographic Systems Types of systems Cryptographic hash functions Protocols Secure Channels Authentication Shared Secret Key based Authentication Authentication using a Key Distribution Center Authentication using Public-key Cryptography Message Integrity and Confidentiality 35

36 Secure Channels A Secure Channel is an abstraction of secure communication between communication parties in a DS A Secure Channel protects senders and receivers against: Interception By ensuring confidentiality of the sender and receiver Modification and Fabrication of messages By providing mutual authentication and message integrity protocols We will study Authentication Confidentiality and Message Integrity 36

37 Authentication Consider a scenario where Alice wants to set up a secure channel with Bob Alice sends a message to Bob (or trusted third party) for mutual authentication Message integrity should be ensured for all communication between Alice and Bob Generate a “session key” to be used between Alice and Bob Session-keys ensure integrity and confidentiality When the channel is closed, the session key is destroyed 37

38 Types of Mutual Authentication Protocols 1.Shared Secret Key based Authentication 2.Authentication using a Key Distribution Center 3.Authentication using Public-key Cryptography 38

39 Types of Mutual Authentication Protocols 1.Shared Secret Key based Authentication 2.Authentication using a Key Distribution Center 3.Authentication using Public-key Cryptography 39

40 Shared Secret Key based Authentication The scheme is also known as “Challenge-Response protocol” Let K A,B be the shared secret key between Alice and Bob The Challenge-Response Protocol 1.‘A’ sends her identity to ‘B’ 2.‘B’ sends a challenge R B back to ‘A’ 3.‘A’ responds to the challenge by encrypting R B with K A,B (denoted by K A,B (R B )), and sending it back to ‘B’ 4.‘A’ challenges ‘B’ by sending R A 5.‘B’ responds to the challenge by sending the encrypted message K A,B (R A ) 40 Alice Bob A RBRB K A,B (R B ) RARA K A,B (R A ) A and B are mutually authenticated

41 A Possible Optimization Will the below 3-step protocol work? 41 Alice Bob A, R A R B,K A,B (R A ) K A,B (R B ) Bob Chuck (pretending to be Alice) A, R C R B,K A,B (R C ) Session 1 A, R B R B2,K A,B (R B ) Session 2 K A,B (R B ) Session 1 Reflection Attack (?)

42 Lessons from Shared Secret Key based Authentication Use different challenges for the initiator and responder Recall: Chuck reflected the same challenge that the responder had posed Do not provide valuable information before authentication Recall: Bob provided K A,B (R B ) without authenticating Chuck Tweaking security protocols for efficiency often affects the correctness of the protocol 42

43 Summary Security Introductory Concepts Security threats Policy and Mechanisms Cryptographic Systems Types of systems Symmetric systems Public-key systems Cryptographic hash functions Protocols DESRSAHybrid Secure Channels Authentication Shared Secret Key based Authentication Authentication using a Key Distribution Center Authentication using Public-key Cryptography Message Integrity and Confidentiality 43

44 Next Class Secure Channel Two Authentication Protocols: Using Key Distribution Center Public-key based Message Integrity and Confidentiality Access Control Security Management 44

45 References [1] http://en.wikipedia.org/wiki/Cryptographyhttp://en.wikipedia.org/wiki/Cryptography [2] http://www.cs.colorado.edu/~jrblack/class/csci7000/f03/talks/7000_1.ppthttp://www.cs.colorado.edu/~jrblack/class/csci7000/f03/talks/7000_1.ppt [3] http://pajhome.org.uk/crypt/rsa/rsa.htmlhttp://pajhome.org.uk/crypt/rsa/rsa.html 45

Download ppt "Distributed Systems CS 15-440 Security – Part I Lecture 21, Nov 28, 2011 Majd F. Sakr, Vinay Kolar, Mohammad Hammoud."

Similar presentations

Security and Privacy over the Internet Chan Hing Wing, Anthony Mphil Yr. 1, CSE, CUHK Oct 19, 1998.

Security and Privacy over the Internet Chan Hing Wing, Anthony Mphil Yr. 1, CSE, CUHK Oct 19, 1998.
Last Class: The Problem BobAlice Eve Private Message Eavesdropping.

Last Class: The Problem BobAlice Eve Private Message Eavesdropping.
Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
1 Network Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

1 Network Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Sri Lanka Institute of Information Technology

Sri Lanka Institute of Information Technology
1 Counter-measures Threat Monitoring Cryptography as a security tool Encryption Digital Signature Key distribution.

1 Counter-measures Threat Monitoring Cryptography as a security tool Encryption Digital Signature Key distribution.
Security Overview Hofstra University University College for Continuing Education - Advanced Java Programming Lecturer: Engin Yalt May 24, 2006.

Security Overview Hofstra University University College for Continuing Education - Advanced Java Programming Lecturer: Engin Yalt May 24, 2006.
Block Ciphers: Workhorses of Cryptography COMP 1721 A Winter 2004.

Block Ciphers: Workhorses of Cryptography COMP 1721 A Winter 2004.
20-751 ECOMMERCE TECHNOLOGY SUMMER 2002 COPYRIGHT © 2002 MICHAEL I. SHAMOS Cryptographic Security.

ECOMMERCE TECHNOLOGY SUMMER 2002 COPYRIGHT © 2002 MICHAEL I. SHAMOS Cryptographic Security.
Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:

Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:
Cryptography Basic (cont)

Cryptography Basic (cont)
20-751 ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.

ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.
8.1 Learning Objectives To become familiar with the range of security threats faced by networked and distributed systems (DSs); To examine various cryptographic.

8.1 Learning Objectives To become familiar with the range of security threats faced by networked and distributed systems (DSs); To examine various cryptographic.
Henric Johnson1 Chapter3 Public-Key Cryptography and Message Authentication Henric Johnson Blekinge Institute of Technology, Sweden

Henric Johnson1 Chapter3 Public-Key Cryptography and Message Authentication Henric Johnson Blekinge Institute of Technology, Sweden
Cryptography (continued). Enabling Alice and Bob to Communicate Securely m m m Alice Eve Bob m.

Cryptography (continued). Enabling Alice and Bob to Communicate Securely m m m Alice Eve Bob m.
McGraw-Hill©The McGraw-Hill Companies, Inc., 2004 1 Security PART VII.

McGraw-Hill©The McGraw-Hill Companies, Inc., Security PART VII.
WS 2006-07 Algorithmentheorie 03 – Randomized Algorithms (Public Key Cryptosystems) Prof. Dr. Th. Ottmann.

WS Algorithmentheorie 03 – Randomized Algorithms (Public Key Cryptosystems) Prof. Dr. Th. Ottmann.
Spring 2003CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Spring 2003CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Cryptography1 CPSC 3730 Cryptography Chapter 9 Public Key Cryptography and RSA.

Cryptography1 CPSC 3730 Cryptography Chapter 9 Public Key Cryptography and RSA.
Cryptography April 20, 2010 MIS 4600 – MBA 5880 - © Abdou Illia.

Cryptography April 20, 2010 MIS 4600 – MBA © Abdou Illia.

Similar presentations

Ads by Google