Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 Chapter 8 Panko, Corporate Computer and Network Security Copyright 2004 Prentice-Hall Cryptographic Systems: SSL/TLS, VPNs, and Kerberos.

Published byRalph Young Modified over 9 years ago

Similar presentations

Presentation on theme: "1 Chapter 8 Panko, Corporate Computer and Network Security Copyright 2004 Prentice-Hall Cryptographic Systems: SSL/TLS, VPNs, and Kerberos."— Presentation transcript:

1 1 Chapter 8 Panko, Corporate Computer and Network Security Copyright 2004 Prentice-Hall Cryptographic Systems: SSL/TLS, VPNs, and Kerberos

2 2 Figure 8-1: Cryptographic System Phase 1: Initial Negotiation of Security Parameters Phase 2: Mutual Authentication Client PC Server Phase 3: Key Exchange or Key Agreement Three Initial “Hand-Shaking” Phases

3 3 Figure 8-1: Cryptographic System Phase 4: Ongoing Communication with Message-by-Message Confidentiality, Authentication, and Message Integrity Client PC Server The Initial Hand-Shaking Stages are Very Brief Almost All Messages are Sent During the Ongoing Exchange Phase

4 4 Figure 8-2: Major Cryptographic Systems Application Layer Transport Internet Data Link Physical PPTP, L2TP (really only a tunneling system) Not applicable. No messages are sent at this layer—only individual bits IPsec SSL/TLS Kerberos Cryptographic System

5 5 Figure 8-3: Virtual Private Network (VPN) VPN Server Protected Server VPN Server Protected Server Corporate Site A Corporate Site B Internet Remote Customer or Supplier PC Remote Corporate PC Remote Access VPN Remote Access VPN Site-to-Site VPN

6 6 Virtual Private Network (VPN) Server Host-to-Host VPN Hosts can communicate Directly with each other Client-Server Client-Client Internet New Not in Book

7 7 Figure 8-4: SSL/TLS Operation Protects All Application Traffic That is SSL/TLS-Aware SSL/TLS Works at Transport Layer Applicant (Customer Client) Verifier (Merchant Server)

8 8 Figure 8-4: SSL/TLS Operation Applicant (Customer Client) Verifier (Merchant Server) 1. Negotiation of Security Options (Brief) 2. Merchant Authenticates Self to Customer Uses a Digital Certificate Customer Authentication is Optional and Uncommon

9 9 Figure 8-4: SSL/TLS Operation Applicant (Customer Client) Verifier (Merchant Server) 3. Client Generates Random Session Key Client Sends Key to Server Encrypted with Public Key Encryption 4. Ongoing Communication with Confidentiality and Merchant Digital Signatures

10 10 SSL/TLS VPNs Growing rapidly in popularity for remote access  Easy to implement Webservers already implement it Clients already have browsers If only using HTTP, very easy Becoming popular New

11 11 SSL/TLS VPNs Growing rapidly in popularity for remote access  SSL/TLS gateways at sites allow more Single point of encryption for access to multiple webservers Output from some applications, such as Outlook and Outlook express, are “webified” so that they can be delivered to browsers If browser will accept a downloaded add-in program, can get access to even more applications New

12 12 Figure 8-5: Point-to-Point Protocol (PPP) and RADIUS for Dial-Up Remote Access RADIUS Server RAS 1 RAS 2 Remote Corporate PC Remote Corporate PC Public Switched Telephone Network Corporate Site A 2. OK? 1. Login Username And Password Dial-Up Connection Dial-Up Connection 2. OK? RAS = Remote Access Server

13 13 Figure 8-5: Point-to-Point Protocol (PPP) and RADIUS for Dial-Up Remote Access RADIUS Server RAS 1 RAS 2 Remote Corporate PC Remote Corporate PC Public Switched Telephone Network Corporate Site A 3. OK4. Welcome Dial-Up Connection Dial-Up Connection 3. No 4. Refuse

14 14 Figure 8-6: PPP Authentication No Authentication Is an Option Client Server

15 15 Figure 8-6: PPP Authentication PAP Authentication Authentication-Request Messages (Send Until Response) Authentication-Response Message Client Server Poor Security: Usernames and Passwords Are Sent in the Clear

16 16 Figure 8-6: PPP Authentication CHAP Authentication Challenge Message Response Message Hash (Challenge Message + Secret) Client Server Server computes hash of challenge message plus secret If equals the response message, authentication is successful

17 17 Figure 8-6: PPP Authentication MS-CHAP Authentication Challenge Message Response Message Hash (Challenge Message + Password) Client Server CHAP, but with password as the secret. Widely used because allows password authentication Standard on Microsoft Windows client Only as secure as password strength

18 18 Figure 8-6: PPP Authentication EAP Authentication Authenticate Defer authentication; Will provide more information Client Server EAP defers authentication to a later process Such as RADIUS authentication

19 19 Figure 8-7: PPP Encryption New PPP Header. Plaintext. Original PPP Frame. Encrypted. New PPP Trailer. Plaintext.

20 20 Figure 8-7: PPP Encryption IETF Specifies DES and 3DES for PPP encryption Microsoft uses Microsoft Point-to-Point Encryption (MPPE) for its remote access servers Increasingly, AES is being incorporated into PPP products New

21 21 Figure 8-8: PPP on Direct Links and Internets Connection over Direct Link PPP Provides End-to-End Link PPP Frame Verifier (Server) Applicant (Client)

22 22 Figure 8-8: PPP on Direct Links and Internets Connection over Internet PPP Frame in IP Packet PPP Limited to First Data Link (Network) Verifier (Server) Applicant (Client) Router The PPP frame is encapsulated in an IP packet. This is the opposite of the normal practice The packet is carried in a separate Frame in each network along the route

23 23 Figure 8-8: PPP on Direct Links and Internets Note: Tunneling Places the PPP Frame in an IP Packet, Which Delivers the Frame. To the Receiver, Appears to be a Direct Link. Allows organization to continue using existing PPP-based security such as encryption and authentication

24 24 Figure 8-9: Point-to-Point Tunneling Protocol (PPP) RADIUS Server PPTP RAS ISP PPTP Access Concentrator Corporate Site A IP Protocol 47 (GRE) Data Connection TCP Port 1723 Supervisory Connection (Vulnerable) Internet Remote Corporate PC Local ISP Access (Not Secure)

25 25 Figure 8-9: Point-to-Point Tunneling Protocol (PPP) RADIUS Server PPTP RAS Corporate Site A IP Protocol 47 (GRE) Data Connection TCP Port 1723 Supervisory Connection (Vulnerable) Internet Remote Corporate PC New: Not in Book Direct connection between PC and RAS

26 26 Figure 8-10: PPTP Encapsulation for Data Frames Enhanced General Routing Encapsulation (GRE) Header; Information About Encapsulated Packet New IP Header; Protocol=47; IP Destination Address Is That of Remote Access Server Encapsulated Original Frame

27 27 Figure 8-11: Layer 2 Tunneling Protocol (L2TP) Internal Server L2TP RAS DSL Access Multiplexer (DSLAM) with L2TP Client Running PPP Carrier Network Local Network L2TP Tunnel DSL Note: L2TP does not provide security. It provides only tunneling. L2TP recommends the use of IPsec for security.

28 28 Figure 8-12: IPsec Operation: Tunnel and Transport Modes Secure Connection Secure on the Internet Transport Mode Site Network Site Network Security in Site Network Security in Site Network Extra Software Required Extra Software Required

29 29 Figure 8-12: IPsec Operation: Tunnel and Transport Modes Tunneled Connection Secure on the Internet Tunnel Mode Site Network Site Network No Security in Site Network No Security in Site Network No Extra Software No Extra Software IPsec Server IPsec Server

30 30 Figure 8-12: IPsec Operation: Tunnel and Transport Modes Transport Mode Orig. IP Hdr IPsec Hdr Protected Packet Data Field Destination IP Address Is Actual Address; Vulnerable to Scanning Tunnel Mode New IP Hdr IPsec Hdr Protected Original Packet Destination IP Address is IPsec Gateway Address Host IP Address Is not Revealed

31 31 Figure 8-13: IPsec ESP and AH Protection IP Header ESP Header Protected ESP Trailer IP Header Authentication Header Protected Confidentiality Authentication and Message Integrity No Confidentiality Protocol = 50 Protocol = 51 Encapsulating Security Payload Authentication Header

32 32 Modes and Protections ESP Confidentiality Authentication Integrity AH Authentication Integrity Transport Mode (End-to-End) Possible Tunnel Mode (IPsec Gateway to Gateway) Possible

33 33 Figure 8-14: IPsec Security Associations IPsec Policy Server 2. Security Association (SA) for Transmissions from A to B 3. Security Association (SA) For Transmission from B to A (Can Be Different Than A to B SA) Party A Party B 1. List of Allowable Security Associations 1. List of Allowable Security Associations

34 34 Figure 8-15: Establishing IPsec Security Associations Using IKE Internet Key Exchange Security Association UDP Port 500 Party A Party B IPsec SAs First establish IKE association and protected session Then create IPsec SAs within the Protection of the IKE session.

35 35 Figure 8-16: Key-Hashed Message Authentication Codes (HMACs) Shared Key HMAC Original Plaintext Key-Hashed Message Authentication Code (HMAC) Appended to Plaintext Before Transmission Hashing with MD5, SHA1, etc. Note: There is no encryption; only hashing

36 36 Figure 8-16: Key-Hashed Message Authentication Codes (HMACs) Shared Key Computed HMAC Received Original Plaintext Hashing with same algorithm. Receiver Redoes the HMAC Computation On the Received Plaintext Received HMAC If computed and received HMACs are the same, The sender must know the key and so is authenticated

37 37 Figure 8-17: Kerberos Authentication System Applicant (A) Kerberos Server Key Distribution Center (K) Verifier (V) Abbreviations: A = Applicant V = Verifier K = Kerberos Server

38 38 Figure 8-17: Kerberos Authentication System Applicant (A) Kerberos Server Key Distribution Center (K) Verifier (V) 1. Request for Ticket-Granting Ticket 2. Response: TGT* Key nA** *TGT (Ticket-Granting Ticket) is encrypted in a way that only K can decrypt. Contains information that K will read later. **Key nA (Network Login Key for A) is encrypted with A’s Master Key (Key mA). In future interactions with K, A will use nA to limit the master key’s exposure.

39 39 Figure 8-18: Kerberos Ticket-Granting Service: Part 1 Applicant (A) Kerberos Server Key Distribution Center (K) Verifier (V) 1.Request Service Ticket for V; TGT; Authenticator* encrypted with Key nA 2. Response: Key AV** encrypted with Key nA; Service Ticket *Authenticator is A’s IP address, user name, and time stamp. This authenticator is encrypted with Key nA to prove that A sent it. **Key AV is a symmetric session key that A will use with V.

40 40 Figure 8-19: Kerberos Ticket-Granting Service: Part 2 Applicant (A) Kerberos Server Key Distribution Center (K) Verifier (V) *Authenticator (Auth) encrypted with Key AV. **Service Ticket contains Key AV encrypted with the Verifier’s master key, Key mV. 3. Request for Connection: Auth*; Service Ticket** 4. V decrypts Service Ticket; Uses Key AV to test Auth 5. Ongoing Communication with Key AV

41 41 Figure 8-20: Placement of Firewalls and Cryptographic Servers Dilemma  Firewalls must examine packet contents  But a growing percentage of packets are being encrypted to prevent eavesdroppers from reading them  Firewalls cannot filter encrypted packets without decrypting them

42 42 Figure 8-20: Placement of Firewalls and Cryptographic Servers Internet Internal Host Cryptographic Server Firewall Firewall Creates Holes for Cryptographic Systems Filtered by Firewall Not Filtered by Firewall Some firewalls pass through encrypted packets in VPNs. Cryptographic server Comes after the firewall. No filtering can be done by the firewall.

43 43 Figure 8-20: Placement of Firewalls and Cryptographic Servers Internet Internal Host Can Read Decrypted Packets Firewall Cryptographic Server Filtered by Firewall Open to Attack Alternatively, the cryptographic server can be placed before the firewall. The firewall can filter the decrypted packets This leaves the cryptographic server open to attack If the firewall is taken over, the hacker can read everything

44 44 The Market Situation SSL/TLS is becoming very popular for remote access VPN service  Built into browsers and servers already  Users can access the network from any client Home PCs, internet cafés, kiosks, etc. New

45 45 The Market Situation SSL/TLS is becoming very popular for remote access VPN service  Works automatically for HTTP  Other applications are harder Some applications can be “webified”—each output output can be incorporated as a webpage For other applications, a small program can be downloaded to the client to add features Non-HTTP applications are very time consuming to manage New

46 46 The Market Situation IPsec is Popular for Site-to-Site Networking  In tunnel mode, no need to install software on individual clients and servers For remote access, however, need software and configuration on client PC  Transparent to applications—no need to provide different applications differently New

47 47 Topics Covered Cryptographic Systems  Initial Hand-Shaking Phases Negotiation of parameters Mutual authentication Key exchange of symmetric session key  Ongoing Communication Message-by-message confidentiality, authentication, and message integrity  Occur at several layers

48 48 Topics Covered Virtual Private Networks  Secure communication over the Internet  Site-to-Site VPNs Between security gateways at each site Must handle a large amount of intersite traffic  Remote Access VPNs To connect an individual user to a site  Host-to-Host (not mentioned in the text)

49 49 Topics Covered SSL/TLS  Works at the transport layer  Protects SSL/TLS-aware applications Mostly HTTP  Widely used in e-commerce  Firms are beginning to use it for remote access HTTP access Webified applications (e-mail) With downloaded client program, even more

50 50 Topics Covered SSL/TLS  Negotiation of security parameters  Server authenticates self to client using digital certificate (usually not mutual authentication)  Client generates random session key, sends to server with public key exchange

51 51 Topics Covered Point-to-Point Tunneling Protocol (PPTP)  Traditional PPP remote access Dial-in using PPP at the data link layer Remote access servers at site Single RADIUS server holds authentication data  Usually client password PPP can only work over a single data link Will not work over the Internet, which has multiple data links along a route

52 52 Topics Covered Point-to-Point Tunneling Protocol (PPTP)  PPTP Tunneling Encapsulates PPP frame within a packet Packet travels to the RAS over the Internet This allows end-to-end PPP frame transfer Placing a message in another message is called tunneling

53 53 Topics Covered Point-to-Point Tunneling Protocol (PPTP)  PPTP Security Based on PPP security Several forms of PPP authentication  Some very weak  EAP allows advanced options PPP confidentiality  DES or MPPE (more recently, AES)

54 54 Topics Covered Point-to-Point Tunneling Protocol (PPTP)  PPTP uses two connections GRE connection for carrying PPP frames (secure) TCP Port 1723 supervisory connection (not secure!)  PPTP gateways often get authentication data from a RADIUS server New

55 55 Topics Covered Layer 2 Tunneling Protocol  Protocol for tunneling messages over the Internet  Has not security of its own Assumes you will be using IPsec security at the internet layer

56 56 Topics Covered IP Security (IPsec)  Internet layer security Transparently protects all upper layers Dominates site-to-site security today The highest-security VPN  Tunnel versus Transport Mode Gateway-to-gateway vs host-to-host Ease of installation vs higher security Tunnel mode dominates today

57 57 Topics Covered IPsec  ESP versus AH ESP dominates Both work with both tunnel and transport mode  Security Associations Policy-based restrictions on security parameters in a connection Two end points first set up IKE session  Within IKE protection, negotiate the SA

58 58 Topics Covered IPsec  Key-Hashed Message Authentication Codes (HMACs) Used for message-by-message authentication Created using hashing, which is much faster than the public key encryption used with digital signatures

59 59 Topics Covered Kerberos Cryptographic System  Complete cryptographic system Known best for authentication Also does key exchange for subsequent confidential communication  Elements Kerberos server Applicant Verifier

60 60 Topics Covered Kerberos Cryptographic System  Complete cryptographic system  Authentication System (Initial Stage) Applicant gets a ticket-granting ticket Applicant gets a key to use during a session for use with the Kerberos server

61 61 Topics Covered Kerberos Cryptographic System  Ticket-Granting Service Applicant sends ticket-granting ticket and name of a verifier to which it would like to connect Kerberos server sends back a symmetric session key to use with the verifier Kerberos server also sends the applicant a service ticket, which the applicant sends to the verifier The service ticket gives the verifier the symmetric session key to use with the applicant

62 62 Topics Covered Firewall Placement  If place the firewall before the gateway server, Will not be able to filter the encrypted communication Merely pass through the VPN traffic to the gateway server  If after the gateway server, which decrypts traffic Can filter the VPN traffic But the gateway server is not protected by the firewall

63 63 Topics Covered Market Situation  IPsec now dominates for site-to-site networking VPNs  SSL/TLS is beginning to dominate for remote access VPNs

Download ppt "1 Chapter 8 Panko, Corporate Computer and Network Security Copyright 2004 Prentice-Hall Cryptographic Systems: SSL/TLS, VPNs, and Kerberos."

Similar presentations

Encrypting Wireless Data with VPN Techniques

Encrypting Wireless Data with VPN Techniques
Internet Protocol Security (IP Sec)

Internet Protocol Security (IP Sec)
Working Connection Computer and Network Security - SSL, IPsec, Firewalls – (Chapter 17, 18, 19, and 23)

Working Connection Computer and Network Security - SSL, IPsec, Firewalls – (Chapter 17, 18, 19, and 23)
1 Chapter 2: Networking Protocol Design Designs That Include TCP/IP Essential TCP/IP Design Concepts TCP/IP Data Protection TCP/IP Optimization.

1 Chapter 2: Networking Protocol Design Designs That Include TCP/IP Essential TCP/IP Design Concepts TCP/IP Data Protection TCP/IP Optimization.
Securing Remote PC Access to UNIX/Linux Hosts with VPN or SSH Charles T. Moetului WRQ, Inc. (206) 217-7048

Securing Remote PC Access to UNIX/Linux Hosts with VPN or SSH Charles T. Moetului WRQ, Inc. (206)
Chapter 13 IPsec. IPsec (IP Security)  A collection of protocols used to create VPNs  A network layer security protocol providing cryptographic security.

Chapter 13 IPsec. IPsec (IP Security)  A collection of protocols used to create VPNs  A network layer security protocol providing cryptographic security.
SCSC 455 Computer Security Virtual Private Network (VPN)

SCSC 455 Computer Security Virtual Private Network (VPN)
ECE 454/CS 594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall.

ECE 454/CS 594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall.
1 Lecture 15: IPsec AH and ESP IPsec introduction: uses and modes IPsec concepts –security association –security policy database IPsec headers –authentication.

1 Lecture 15: IPsec AH and ESP IPsec introduction: uses and modes IPsec concepts –security association –security policy database IPsec headers –authentication.
Guide to Network Defense and Countermeasures Second Edition

Guide to Network Defense and Countermeasures Second Edition
Virtual Private Networks and IPSec

Virtual Private Networks and IPSec
TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 30 Internet Security.

TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 30 Internet Security.
K. Salah 1 Chapter 31 Security in the Internet. K. Salah 2 Figure 31.5 Position of TLS Transport Layer Security (TLS) was designed to provide security.

K. Salah 1 Chapter 31 Security in the Internet. K. Salah 2 Figure 31.5 Position of TLS Transport Layer Security (TLS) was designed to provide security.
Internet Protocol Security (IPSec)

Internet Protocol Security (IPSec)
VPN – Virtual Private Networking. VPN A Virtual Private Network (VPN) connects the components of one network over another network. VPNs accomplish this.

VPN – Virtual Private Networking. VPN A Virtual Private Network (VPN) connects the components of one network over another network. VPNs accomplish this.
K. Salah1 Security Protocols in the Internet IPSec.

K. Salah1 Security Protocols in the Internet IPSec.
Network Security. Contents Security Requirements and Attacks Confidentiality with Conventional Encryption Message Authentication and Hash Functions Public-Key.

Network Security. Contents Security Requirements and Attacks Confidentiality with Conventional Encryption Message Authentication and Hash Functions Public-Key.
Remote Networking Architectures

Remote Networking Architectures
Point-to-Point Protocol (PPP) Security Connecting to remote access servers (RASs) PPP authentication PPP confidentiality Point-to-Point Tunneling Protocol.

Point-to-Point Protocol (PPP) Security Connecting to remote access servers (RASs) PPP authentication PPP confidentiality Point-to-Point Tunneling Protocol.
Securing Insecure Networks SSL/TLS & IPSec. 4-1: Cryptographic System Copyright Pearson Prentice-Hall 2010 2.

Securing Insecure Networks SSL/TLS & IPSec. 4-1: Cryptographic System Copyright Pearson Prentice-Hall

Similar presentations

Ads by Google