William Stallings Data and Computer Communications Chapter 18 Network Security.


1 William Stallings Data and Computer Communications Chapter 18 Network Security

2 Security Requirements
- Confidentiality
- Integrity
- Availability

3 Passive Attacks
- Eavesdropping on transmissions to obtain information
- Release of message contents
  - Outsider learns the content of a transmission
- Traffic analysis
  - By monitoring the frequency and length of messages, even encrypted ones, the nature of the communication may be guessed
- Difficult to detect
- Can be prevented

4 Active Attacks
- Masquerade
  - Pretending to be a different entity
- Replay
- Modification of messages
- Denial of service
- Easy to detect
  - Detection may act as a deterrent
- Hard to prevent

5 Security Threats

6 Conventional Encryption

7 Ingredients
- Plain text
- Encryption algorithm
- Secret key
- Cipher text
- Decryption algorithm

8 Requirements for Security
- Strong encryption algorithm
  - Even if the algorithm is known, an opponent should not be able to decrypt or work out the key
  - Even if a number of cipher texts are available together with their plain texts
- Sender and receiver must obtain the secret key securely
- Once the key is known, all communication using this key is readable

9 Attacking Encryption
- Cryptanalysis
  - Relies on the nature of the algorithm plus some knowledge of the general characteristics of the plain text
  - Attempts to deduce the plain text or the key
- Brute force
  - Try every possible key until plain text is obtained

10 Algorithms
- Block cipher
  - Processes plain text in fixed size blocks, producing blocks of cipher text of equal size
  - Data Encryption Standard (DES)
  - Triple DES (TDES)

11 Data Encryption Standard
- US standard
- 64 bit plain text blocks
- 56 bit key

12 DES Encryption Algorithm

13 DES Single Iteration

14 Strength of DES
- Declared insecure in 1998
- Electronic Frontier Foundation DES Cracker machine
- DES now worthless
- Alternatives include TDEA

15 Triple DEA
- ANSI X9.17 (1985)
- Incorporated in the DEA standard in 1999
- Uses 3 keys and 3 executions of the DEA algorithm
- Effective key length 168 bit

16 Location of Encryption Devices

17 Link Encryption
- Each communication link equipped at both ends
- All traffic secure
- High level of security
- Requires lots of encryption devices
- Message must be decrypted at each switch to read the address (virtual circuit number)
- Security vulnerable at switches
  - Particularly on a public switched network

18 End to End Encryption
- Encryption done at the ends of the system
- Data in encrypted form crosses the network unaltered
- Destination shares a key with the source to decrypt
- Host can only encrypt user data
  - Otherwise switching nodes could not read the header or route the packet
- Traffic pattern not secure
- Use both link and end to end encryption

19 Key Distribution
- Key selected by A and delivered to B
- Third party selects key and delivers to A and B
- Use old key to encrypt and transmit new key from A to B
- Use old key to transmit new key from third party to A and B

20 Automatic Key Distribution (diag)

21 Automatic Key Distribution
- Session key
  - Used for duration of one logical connection
  - Destroyed at end of session
  - Used for user data
- Permanent key
  - Used for distribution of keys
- Key distribution center
  - Determines which systems may communicate
  - Provides one session key for that connection
- Front end processor
  - Performs end to end encryption
  - Obtains keys for host

22 Traffic Padding
- Produce cipher text continuously
- If there is no plain text to encode, send random data
- Makes traffic analysis impossible

23 Message Authentication
- Protection against active attacks
  - Falsification of data
  - Eavesdropping
- Message is authentic if it is genuine and comes from the alleged source
- Authentication allows the receiver to verify that a message is authentic
  - Message has not been altered
  - Message is from the authentic source
  - Message timeliness

24 Authentication Using Encryption
- Assumes sender and receiver are the only entities that know the key
- Message includes:
  - Error detection code
  - Sequence number
  - Time stamp

25 Authentication Without Encryption
- Authentication tag generated and appended to each message
- Message not encrypted
- Useful for:
  - Messages broadcast to multiple destinations
    - Have one destination responsible for authentication
  - One side heavily loaded
    - Encryption adds to workload
    - Can authenticate random messages
  - Programs authenticated without encryption can be executed without decoding

26 Message Authentication Code
- Generate authentication code based on shared key and message
- Common key shared between A and B
- If only sender and receiver know the key and the code matches:
  - Receiver assured message has not been altered
  - Receiver assured message is from the alleged sender
  - If message has a sequence number, receiver assured of proper sequence
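The three assurances of slide 26 (unaltered, from the alleged sender, in sequence) as an added worked example that is not part of the slides: the tag is an HMAC-SHA1 over the sequence number and message under a constructed shared key, and the receiver checks both the tag and the sequence number.

```python
import hmac
import hashlib

# Constructed shared key for this example; in practice it is distributed as on slides 19-21.
SHARED_KEY = b"constructed-example-key-A-B"

def make_tag(key: bytes, seq: int, message: bytes) -> bytes:
    """Authentication code over sequence number || message.
    HMAC-SHA1 binds both fields to the shared key."""
    data = seq.to_bytes(4, "big") + message
    return hmac.new(key, data, hashlib.sha1).digest()

def send(key: bytes, seq: int, message: bytes):
    """Sender A: the message travels in the clear with its sequence number and tag."""
    return seq, message, make_tag(key, seq, message)

class Receiver:
    """Receiver B: accepts a message only if the tag verifies and the
    sequence number is the one expected next."""
    def __init__(self, key: bytes):
        self.key = key
        self.expected_seq = 0

    def accept(self, seq: int, message: bytes, tag: bytes) -> str:
        # constant-time comparison so tag checking leaks no timing information
        if not hmac.compare_digest(make_tag(self.key, seq, message), tag):
            return "rejected: tag mismatch (altered message or wrong key)"
        if seq != self.expected_seq:
            return "rejected: unexpected sequence number (replay or reorder)"
        self.expected_seq += 1
        return "accepted"

def demo() -> list:
    """Walk through slide 26 with constructed messages."""
    rx = Receiver(SHARED_KEY)
    first = send(SHARED_KEY, 0, b"transfer 100 to account 42")
    seq, _, tag = first
    return [
        rx.accept(*first),                                      # genuine message
        rx.accept(seq, b"transfer 900 to account 42", tag),     # body altered in transit
        rx.accept(*first),                                      # same message replayed
        rx.accept(*send(SHARED_KEY, 1, b"ack")),                # next in sequence
    ]
```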

27 Message Authentication Using Message Authentication Code

28 One Way Hash Function
- Accepts a variable size message and produces a fixed size tag (message digest)
- Advantages of authentication without encryption
  - Encryption is slow
  - Encryption hardware is expensive
  - Encryption hardware is optimized for large data
  - Algorithms covered by patents
  - Algorithms subject to export controls (from USA)

29 Using One Way Hash

30 Secure Hash Functions
- Hash function must have the following properties:
  - Can be applied to any size data block
  - Produces fixed length output
  - Easy to compute
  - Not feasible to reverse
  - Not feasible to find two messages that give the same hash

31 SHA-1
- Secure Hash Algorithm 1
- Input message less than 2^64 bits
  - Processed in 512 bit blocks
- Output 160 bit digest

32 Public Key Encryption
- Based on mathematical algorithms
- Asymmetric
  - Uses two separate keys
- Ingredients
  - Plain text
  - Encryption algorithm
  - Public and private key
  - Cipher text
  - Decryption algorithm

33 Public Key Encryption (diag)

34 Public Key Encryption - Operation
- One key made public
  - Used for encryption
- Other kept private
  - Used for decryption
- Infeasible to determine the decryption key given the encryption key and algorithm
- Either key can be used for encryption, the other for decryption

35 Steps
- User generates a pair of keys
- User places one key in the public domain
- To send a message to the user, encrypt using the public key
- User decrypts using the private key

36 Digital Signature
- Sender encrypts message with their private key
- Receiver can decrypt using the sender's public key
- This authenticates the sender, who is the only person who has the matching key
- Does not give privacy of data
  - Decryption key is public

37 RSA Algorithm

38 RSA Example
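Slides 34 to 38 in working form, as an added example that is not the slides' own RSA example: textbook RSA over the deliberately tiny constructed primes 61 and 53 (n = 3233), showing encryption with the public key and decryption with the private key, that the keys also work the other way round, and a digital signature over a SHA-1 digest. The unpadded signature and the small primes are for illustration only.

```python
import hashlib
from math import gcd

def generate_keypair(p: int, q: int, e: int):
    """Textbook RSA: n = p*q, d = e^-1 mod (p-1)(q-1).
    The primes here are tiny so the arithmetic is visible; real keys use
    primes hundreds of digits long."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    d = pow(e, -1, phi)            # modular inverse (Python 3.8+)
    return (e, n), (d, n)          # (public key, private key)

def apply_key(key, value: int) -> int:
    """Both keys do the same operation: value^exponent mod n (slide 34)."""
    exponent, n = key
    return pow(value, exponent, n)

def digest_mod_n(message: bytes, n: int) -> int:
    """Hash the message (slide 28) and reduce it so it fits under n.
    Unpadded, for illustration only; real signatures use PKCS#1 padding."""
    return int.from_bytes(hashlib.sha1(message).digest(), "big") % n

def sign(private_key, message: bytes) -> int:
    """Slide 36: the sender 'encrypts' the digest with the private key."""
    return apply_key(private_key, digest_mod_n(message, private_key[1]))

def verify(public_key, message: bytes, signature: int) -> bool:
    """Anyone holding the public key can check the signature."""
    return apply_key(public_key, signature) == digest_mod_n(message, public_key[1])

def demo() -> dict:
    public, private = generate_keypair(61, 53, 17)   # n = 3233, d = 2753
    m = 65
    c = apply_key(public, m)                  # slide 35: encrypt with the public key
    recovered = apply_key(private, c)         # the user decrypts with the private key
    msg = b"pay 100 to B"
    sig = sign(private, msg)
    return {
        "ciphertext": c,                                          # 2790
        "recovered": recovered,                                   # 65
        "other_way_round": apply_key(public, apply_key(private, m)),  # slide 34, last bullet
        "signature_valid": verify(public, msg, sig),
        # any change to the signature breaks verification
        "tampered_signature_valid": verify(public, msg, (sig + 1) % public[1]),
    }
```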

39 IPv4 and IPv6 Security
- IPSec
- Secure branch office connectivity over the Internet
- Secure remote access over the Internet
- Extranet and intranet connectivity
- Enhanced electronic commerce security

40 IPSec Scope
- Authentication header
- Encapsulated security payload
- Key exchange
- RFC 2401, 2402, 2406, 2408

41 Security Association
- One way relationship between sender and receiver
- For two way, two associations are required
- Three SA identification parameters
  - Security parameter index
  - IP destination address
  - Security protocol identifier

42 SA Parameters
- Sequence number counter
- Sequence counter overflow
- Anti-replay window
- AH information
- ESP information
- Lifetime of this association
- IPSec protocol mode
  - Tunnel, transport or wildcard
- Path MTU
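The sequence number counter, its overflow and the anti-replay window from slide 42, as an added example that is not from the slides or from any IPSec implementation: a receiver-side sliding bitmap window in the style of the code example in RFC 2401's appendix, plus a sender-side 32-bit counter that refuses to wrap. Window size 64 is a constructed choice for the example.

```python
class AntiReplayWindow:
    """Receiver-side sliding window over received sequence numbers.
    Bit i of the bitmap is set when sequence number (highest - i) has been seen."""
    def __init__(self, size: int = 64):
        self.size = size
        self.highest = 0        # highest sequence number accepted so far
        self.bitmap = 0         # which of the last `size` numbers have been seen

    def check_and_update(self, seq: int) -> str:
        if seq == 0:
            return "reject: sequence number 0 is never valid"
        if seq > self.highest:
            # advance the window; numbers that fall off the left edge are forgotten
            shift = seq - self.highest
            self.bitmap = (self.bitmap << shift) & ((1 << self.size) - 1)
            self.bitmap |= 1
            self.highest = seq
            return "accept"
        offset = self.highest - seq
        if offset >= self.size:
            return "reject: too old (left of window)"
        if self.bitmap & (1 << offset):
            return "reject: duplicate (replayed)"
        self.bitmap |= 1 << offset          # late but new: accept and mark seen
        return "accept"


class SequenceCounter:
    """Sender-side 32-bit sequence counter. Instead of wrapping to 0, which would
    let old packets replay, the SA must be replaced when the counter is exhausted."""
    MAX = 2**32 - 1

    def __init__(self):
        self.value = 0

    def next(self) -> int:
        if self.value >= self.MAX:
            raise OverflowError("sequence counter exhausted: negotiate a new SA")
        self.value += 1
        return self.value
```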

43 Transport and Tunnel Modes
- Transport mode
  - Protection for upper layer protocols
  - Extends to the payload of the IP packet
  - End to end between hosts
- Tunnel mode
  - Protection for the entire IP packet
  - Entire packet treated as payload for an outer IP "packet"
  - No routers examine the inner packet
  - May have different source and destination addresses
  - May be implemented at a firewall

44 Authentication Header

45 Encapsulating Security Payload
- ESP
- Confidentiality services

46 ESP Packet

47 Scope of ESP

48 Key Management
- Manual
- Automatic
  - ISAKMP/Oakley
    - Oakley key determination protocol
    - Internet security association and key management protocol

49 Required Reading
- Stallings chapter 18
