Presentation is loading. Please wait.

Presentation is loading. Please wait.

Network and Communication Security Section 8.1 - 8.3 COS 461: Computer Networks Spring 2011 Mike Freedman

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Network and Communication Security Section 8.1 - 8.3 COS 461: Computer Networks Spring 2011 Mike Freedman"— Presentation transcript:

1 Network and Communication Security Section 8.1 - 8.3 COS 461: Computer Networks Spring 2011 Mike Freedman http://www.cs.princeton.edu/courses/archive/spring11/cos461/ 1

2 Overview Network security and definitions Brief introduction to cryptography – Cryptographic hash hunctions – Symmetric-key crypto – Public-key crypto 2

3 Internet’s Design: Insecure Designed for simplicity “On by default” design Readily available zombie machines Attacks look like normal traffic Internet’s federated operation obstructs cooperation for diagnosis/mitigation 3

4 Basic Components Confidentiality: Concealment of information or resources Authenticity: Identification and assurance of origin of info Integrity: Trustworthiness of data or resources in terms of preventing improper and unauthorized changes Availability: Ability to use desired info or resource Non-repudiation: Offer of evidence that a party indeed is sender or a receiver of certain information Access control: Facilities to determine and enforce who is allowed access to what resources (host, software, network, …) 4

5 Eavesdropping - Message Interception (Attack on Confidentiality) Unauthorized access to information Packet sniffers and wiretappers (e.g. tcpdump) Illicit copying of files and programs A B Eavesdropper 5

6 Integrity Attack - Tampering Stop the flow of the message Delay and optionally modify the message Release the message again A B Perpetrator 6

7 Authenticity Attack - Fabrication Unauthorized assumption of other’s identity Generate and distribute objects under identity A B Masquerader: from A 7

8 Attack on Availability Destroy hardware (cutting fiber) or software Modify software in a subtle way Corrupt packets in transit Blatant denial of service (DoS): – Crashing the server – Overwhelm the server (use up its resource) A B 8

9 Impact of Attacks Theft of confidential information Unauthorized use of – Network bandwidth – Computing resource Spread of false information Disruption of legitimate services 9

10 10 Introduction to Cryptography

11 11 What is Cryptography? Comes from Greek word meaning “secret” – Primitives also can provide integrity, authentication Cryptographers invent secret codes to attempt to hide messages from unauthorized observers Modern encryption: – Algorithm public, key secret and provides security – May be symmetric (secret) or asymmetric (public) plaintext ciphertext plaintext encryptiondecryption

12 12 Cryptographic Algorithms: Goal Given key, relatively easy to compute Without key, hard to compute (invert) “Level” of security often based on “length” of key

13 13 Three Types of Functions Cryptographic hash Functions – Zero keys Secret-key functions – One key Public-key functions – Two keys

14 14 Cryptographic hash functions

15 15 Cryptography Hash Functions Take message, m, of arbitrary length and produces a smaller (short) number, h(m) Properties – Easy to compute h(m) – Pre-image resistance: Hard to find an m, given h(m) “One-way function” – Second pre-image resistance: Hard to find two values that hash to the same h(m) E.g. discover collision: h(m) == h(m’) for m != m’ – Often assumed: output of hash fn’s “looks” random

16 How hard to find collisions? Birthday Paradox Compute probability of different birthdays Random sample of n people taken from k=365 days Probability of no repetition: – P = 1 – (1) (1 - 1/365) (1 – 2/365) (1 – 3/365) … (1 – (n-1)/365) – P ≈ 1 – e -(n(n-1)/2k – Let k=n, P ≈ 2 (N/2) 16

17 How Many Bits for Hash? If m bits, takes 2 m/2 to find weak collision – Still takes 2 m to find strong (pre-image) collision 64 bits, takes 2 32 messages to search (easy!) Now, MD5 (128 bits) considered too little SHA-1 (160 bits) getting old 17

18 18 Example use #1: Passwords Password hashing – Can’t store passwords in a file that could be read Concerned with insider attacks! – Must compare typed passwords to stored passwords Does hash (typed) == hash (password) ? – Actually, a “salt” is often used: hash (input || salt) Avoids precomputation of all possible hashes in “rainbow tables” (available for download from file-sharing systems)

19 19 Example use #2: Self-certifying naming File-sharing software (LimeWire, BitTorrent) – File named by F name = hash (data) – Participants verify that hash (downloaded) == F name If check fails, reject data Recursively applied… – BitTorrent file has many chunks – Control file downloaded from tracker includes: \forall chunks, F chunk name = hash (chunk) – BitTorrent client verifies each individual chunk

20 20 Example use #3: TCP SYN cookies What state is established during TCP conn setup? – Server: Initial Sequence Number (ISN), kernel bufs, MSS info – Attack: Setup state at server with SYN, never follow-up Particularly bad: client spoofs IP, never needs response General idea of SYN cookies: – Server responds to Client SYN with SYN-ACK cookie timestamp = time() mod 32 seqno = f (timestamp, src ip, src port, dest ip, dest port) Server’s ISN = timestamp [5b] || mss[3b] || seqno [24b] Keeps no state. Delays memory buffer allocation. – Honest client responds with ACK (of server ISN) – Server checks response. If seqno valid, establishes conn

21 21 Symmetric (Secret) Key Cryptography

22 22 Symmetric Encryption Also: “conventional / private-key / single-key” – Sender and recipient share a common key – All classical encryption algorithms are private-key – Dual use: confidentiality or authentication/integrity Encryption vs. msg authentication code (MAC) Was only type of encryption prior to invention of public-key in 1970’s – Most widely used – More computationally efficient than “public key”

23 23 Symmetric Cipher Model

24 24 Use and Requirements Two requirements – Strong encryption algorithm – Secret key known only to sender / receiver Goal: Given key, generate 1-to-1 mapping to ciphertext that looks random if key unknown – Assume algorithm is known (no security by obscurity) – Implies secure channel to distribute key Confidentiality (Encryption) Sender: Compute C = AES K (M) Send C Receiver: Recover M = AES’ K (C) Auth/Integrity (MAC) Sender: Compute H = AES K (SHA1 (M)) Send Receiver: Computer H’ = AES K (SHA1 (M)) Check H’ == H

25 25 Public-Key Cryptography

26 Why Public-Key Cryptography? Developed to address two key issues: – Key distribution: Secure communication w/o having to trust a key distribution center with your key – Digital signatures: Verify msg comes intact from claimed sender (w/o prior establishment) Public invention due to Whitfield Diffie & Martin Hellman in 1976 – Known earlier in classified community 26

27 Public-Key Cryptography Public-key/asymmetric crypto involves use of two keys – Public-key: Known by anybody, and can be used to encrypt messages and verify signatures – Private-key: Known only to recipient, used to decrypt messages and sign (create) signatures Asymmetric because – Can encrypt messages or verify signatures w/o ability to decrypt messages or create signatures – If “one-way function” goes c  F(m), then public-key encryption is a “trap-door” function: Easy to compute c  F(m) Hard to compute m  F -1 (m) without knowing k Easy to compute m  F -1 (m,k) by knowing k 27

28 Public-Key Cryptography 28

29 Security of Public Key Schemes Like private key schemes, brute force search possible – But keys used are too large (e.g., >= 1024bits) Security relies on a difference in computational difficulty b/w easy and hard problems – RSA: exponentiation in composite group vs. factoring – ElGamal/DH: exponentiation vs. discrete logarithm in prime group – Hard problem is known, but computationally expensive Requires use of very large numbers – Hence is slow compared to private key schemes – RSA-1024: 80 us / encryption; 1460 us / decryption [cryptopp.com] – AES-128: 109 MB / sec = 1.2us / 1024 bits 29

30 (Simple) RSA Algorithm Security due to cost of factoring large numbers – Factorization takes O(e log n log log n ) operations (hard) – Exponentiation takes O((log n) 3 ) operations (easy) To encrypt a message M the sender: – Obtain public key {e,n}; compute C = M e mod n To decrypt the ciphertext C the owner: – Use private key {d,n}; computes M = C d mod n Note that msg M must be smaller than the modulus n – Otherwise, hybrid encryption: Generate random symmetric key r Use public key encryption to encrypt r Use symmetric key encryption under r to encrypt M 30

31 Summary Network security and definitions Introduction to cryptography – Cryptographic hash functions Zero keys, hard to invert, hard to find collisions – Symmetric-key crypto One key, hard to invert, requires key distribution – Public-key crypto Two keys, hard to invert, more expensive Wed: IPSec, HTTPS, DNSSEC, other security problems 31

Download ppt "Network and Communication Security Section 8.1 - 8.3 COS 461: Computer Networks Spring 2011 Mike Freedman"

Similar presentations

Public Key Cryptography Nick Feamster CS 6262 Spring 2009.

Public Key Cryptography Nick Feamster CS 6262 Spring 2009.
CPS 290 Computer Security Network Tools Cryptography Basics CPS 290Page 1.

CPS 290 Computer Security Network Tools Cryptography Basics CPS 290Page 1.
NS-H0503-02/11041 Attacks. NS-H0503-02/11042 The Definition Security is a state of well-being of information and infrastructures in which the possibility.

NS-H /11041 Attacks. NS-H /11042 The Definition Security is a state of well-being of information and infrastructures in which the possibility.
Sri Lanka Institute of Information Technology

Sri Lanka Institute of Information Technology
CS 6262 Spring 02 - Lecture #7 (Tuesday, 1/29/2002) Introduction to Cryptography.

CS 6262 Spring 02 - Lecture #7 (Tuesday, 1/29/2002) Introduction to Cryptography.
Digital Signatures and Hash Functions. Digital Signatures.

Digital Signatures and Hash Functions. Digital Signatures.
1 Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell.

1 Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell.
1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.

1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.
Public Key Algorithms …….. RAIT M. Chatterjee.

Public Key Algorithms …….. RAIT M. Chatterjee.
6/9/2015Madhumita. Chatterjee1 Overview of Computer Security.

6/9/2015Madhumita. Chatterjee1 Overview of Computer Security.
Dr. Lo’ai Tawalbeh Summer 2007 Chapter 9 – Public Key Cryptography and RSA Dr. Lo’ai Tawalbeh New York Institute of Technology (NYIT) Jordan’s Campus INCS.

Dr. Lo’ai Tawalbeh Summer 2007 Chapter 9 – Public Key Cryptography and RSA Dr. Lo’ai Tawalbeh New York Institute of Technology (NYIT) Jordan’s Campus INCS.
Network and Communication Security COS 461: Computer Networks Spring 2010 (MW 3:00-4:20 in COS 105) Mike Freedman

Network and Communication Security COS 461: Computer Networks Spring 2010 (MW 3:00-4:20 in COS 105) Mike Freedman
Secure Hashing and DSS Sultan Almuhammadi ICS 454 Principles of Cryptography.

Secure Hashing and DSS Sultan Almuhammadi ICS 454 Principles of Cryptography.
Network and Communication Security COS 461: Computer Networks Spring 2009 (MW 1:30-2:50 in COS 105) Mike Freedman Teaching Assistants: Wyatt Lloyd and.

Network and Communication Security COS 461: Computer Networks Spring 2009 (MW 1:30-2:50 in COS 105) Mike Freedman Teaching Assistants: Wyatt Lloyd and.
Public Key Cryptography and the RSA Algorithm

Public Key Cryptography and the RSA Algorithm
Cryptography1 CPSC 3730 Cryptography Chapter 9 Public Key Cryptography and RSA.

Cryptography1 CPSC 3730 Cryptography Chapter 9 Public Key Cryptography and RSA.
Private-Key Cryptography traditional private/secret/single key cryptography uses one key shared by both sender and receiver if this key is disclosed communications.

Private-Key Cryptography traditional private/secret/single key cryptography uses one key shared by both sender and receiver if this key is disclosed communications.
Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.

Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.
Dr.Saleem Al_Zoubi1 Cryptography and Network Security Third Edition by William Stallings Public Key Cryptography and RSA.

Dr.Saleem Al_Zoubi1 Cryptography and Network Security Third Edition by William Stallings Public Key Cryptography and RSA.
1 Pertemuan 08 Public Key Cryptography Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.

1 Pertemuan 08 Public Key Cryptography Matakuliah: H0242 / Keamanan Jaringan Tahun: 2006 Versi: 1.

Similar presentations

Ads by Google