1. بسم الله الرحمن الرحيم NETWORK SECURITY Done By: Saad Al-Shahrani Saeed Al-Smazarkah May 2006

2. Network Security Goals Confidentiality or Privacy: Only sender, intended receiver should ”understand” message contents o Sender encrypts message o Receiver decrypts message Authentication: Sender, receiver want to confirm identity of each other Integrity: Sender, receiver want to ensure messages are not altered during transmission without detection Access and Availability: Services must be accessible and available to users

3. People want to communicate securely Eve (intruder/eavesdropper): may intercept, delete, add messages

4. There are Eavesdroppers out there! Q: what can an eavesdropper do? A: a lot! o Observing and recording information o Unauthorized access to a server o Denial of service: prevent service from being used by others (e.g. by Flooding a server with requests) o Impersonating a legitimate server o Hijacking: “take over” ongoing connection by removing sender or receiver, inserting himself in place

5. Network Security: Agenda o Main weapon: cryptography Confidentiality (encryption) Message authentication Signatures and Certificates o Internet Threats, Attacks and Defenses Secure request/ response protocols Secure connection ‘tunnels’ Denial of Service attacks Firewalls

6. Encryption Protects Confidentiality Secret Key crypto: Shared secret key (K E,B =K D,B ) Public key crypto: A user has a public encryption key K E,B and a matching private decryption key K D,B

7. Secret Key Crypto Two operations (“encrypt”, “decrypt”) which are inverses of each other. Like multiplication/division One parameter (“the key”) Even the person who designed the algorithm can’t break it without the key Ideally, a different key for each pair of users

8. Secret key crypto encrypt= f(K, plaintext)=ciphertext decrypt= f(K, ciphertext)=plaintext authentication: send f(K, challenge) integrity check: f(K, msg)=X verify integrity check: f(K, X, msg)

9. Public Key Crypto Two keys per user, keys are inverses of each other Public key “BPub” you tell to the world Private key “BPriv” you keep private Yes it’s magic. Why can’t you derive “BPriv” from “BPub”? And if it’s hard, where did (BPub, BPriv) come from?

10. Encryption and Integrity  Encryption hides the message from eavesdropper  Question: can eavesdropper change message? o Or: dose encryption ensure message integrity?  With Public Key Encryption: o Eve can replace E BPub (m) with fake: E BPub (m’)  With Secret (shared) Key Encryption: o This seems harder to do o But given c=m  k, attacker can send c  mask, to invert any bit in decrypted message (use mask)  Encryption does not ensure integrity!

11. Public Key VS. Secret Key In terms of capabilities public key is more powerful. Public key provides digital signature. Secret key is much faster than public key

12. Public Key Digital Signatures: concept One of the best features of public key An integrity check calculated as f(priv key, data) verified as f(public key, data, signature) Verifiers don’t need to know secret key RSA can be used for digital signature scheme

13. Popular Secret Key Algorithms DES: old standard, 56-bit key, slow 3DES: fix key size but 3 times as slow RC4: variable length key, “stream cipher” (generate stream from key, XOR with data) AES: replacement for DES, will probably take over

14. Popular Public Key Algorithms RSA: public key operations can be made very fast, but private key operations will be slow. ECC (elliptic curve crypto): smaller keys, so faster than RSA (but not for public key ops).

15. Key Distribution Problem Secret Key Problem:  How do two entities establish shared secret key over the network? Solution:  Trusted key distribution (KDC) acting as intermediary between entities  KDC needs shared key with each entity. Public Key Problem:  When Saad obtains Saeed’s public key (from web site, e-mail, diskette), how does he know it is Saeed’s public key, not eavesdropper’s? Solution:  Trusted certification authority (CA)

16. Key Distribution - Secret Keys Could configure n 2 keys Makes the systems unfeasible for large-scale use Instead use Key Distribution Center (KDC) Every user has a secret key shared with KDC The KDC knows all the users The KDC assigns a key to any pair who need to talk

17. Key Distribution - Public Keys Certification Authority (CA) signs “Certificates” Certificate = a signed message saying “I, the CA, vouch that 489024729 is Saad’s public key” If everyone has a certificate, a private key, and the CA’s public key, they can authenticate

18. Key Distribution - Public Keys Saad Saeed [“Saad”, key=342872]CA Auth, encryption, etc. [“Saeed”, key=8294781]CA

19. Denial Of Service Attack  Attacker tries to exhaust resources of host/ server/ router/ user  Resources include:  Computation (CPU time)  Storage (e.g. for state of requests/connections)  Open TCP connections  Limited (10s to several thousand connections – depending on hardware, operating system)  SYN flooding DOS attack: attacker sends ‘SYN’ flow (open connection); server waits

20. SYN flooding DOS attack  Attacker sends many SYN requests (using different spoofed client IP address), no ACK  Uses up server’s capacity for open connections

21. Firewalls  Firewall: A secure machine (or program), isolating organization’s internal net from larger Internet (or another net), allowing some packets to pass, blocking others

22. Packet Filtering  Internal network connected to Internet via Router Firewall (packet filtering)  Router filters packet-by-packet, decision to forward/ drop packet based on: o Source IP address, destination IP address o TCP/UDP source and destination port numbers o TCP SYN and ACK bit (identify client vs. server)

23. References Our textbook http://www.aw.com/kurose-ross/ http://www.iec.org http://amir.herzberg.name