
Second International Conference on Emerging Trends in Engineering and Technology, ICETET-09

Pluggable Encryption Algorithm In Secure Shell (SSH) Protocol


P. Iyappan1, K.S. Arvind2, N. Geetha3, S. Vanitha4
1 Lecturer, Rajiv Gandhi College of Engg & Technology, Puducherry, India
2 M.TECH Student, Dr. Pauls College of Engineering, Puducherry, India
3 Lecturer, Rajiv Gandhi College of Engg & Technology, Puducherry, India
4 Lecturer, Rajiv Gandhi College of Engg & Technology, Puducherry, India

E-mail: iyappanbenator@gmail.com

Abstract
System security is a crucial constraint for secure transfer of data. Because of the nature of the SSH protocol, anyone with access to the central server can manipulate files, so it is imperative that only authorized users be able to access the central server. Secure Transfer has taken steps that discourage several common attempts to forcefully gain access to the system. These steps include implementing a port knocking protocol, limiting access to only authorized machines and users, and keeping persistent logs. The Secure Shell (SSH) protocol is one of the most popular cryptographic protocols on the Internet. SSH uses the standard algorithms, namely DES, AES and RSA. Any user can normally use these algorithms, which are specified by the SSH protocol. As it is OpenSSH, it is possible for hackers to break the security during transmission of data. The idea behind the paper is that allowing users to specify their own encryption techniques, which are not known to others, can improve their security and keep hackers from breaking the code. This helps users create their own encryption standards in the SSH protocol, which provides more security to the user's network and is known only to the users.

Keywords: Secure Shell Protocol, Symmetric & Asymmetric Cryptosystems, Encryption Algorithm

1.0 INTRODUCTION

Secure Shell (SSH) provides an open protocol for securing network communications that is less complex and expensive than hardware-based VPN[1] solutions. Secure Shell client/server solutions provide command shell, file transfer, and data tunneling services for TCP/IP applications. SSH uses public/private key RSA authentication to check the identity of communicating peer machines and encrypts all data exchanged (with strong algorithms such as Blowfish, 3DES, IDEA etc.). SSH exists in two versions, namely SSH1[6] and the more recent SSH2[6]. The Secure Shell protocol, or SSH, specifies how a client can connect securely to an SSH server and then use the resulting secure link to access the server's resources. SSH is a very flexible protocol, and many different types of services can run on top of it. Additionally, the protocol's open architecture allows these services to run all at the same time without impeding each other.

As Internet access becomes increasingly inexpensive and available, it has become a viable replacement for traditional couriers, telephone, and fax, as well as remote dial-up access to a company's internal computer resources. One of the biggest challenges in using the Internet to replace more traditional communications is security. In the past, companies have maintained their own modem bank dial-up access[2] to company resources so that critical data wasn't being transmitted over the public network. Modem banks are expensive to maintain and don't scale well. Secure Shell is a protocol that provides authentication, encryption and data integrity to secure network communications.

1.1 Components Of Secure Shell Protocol (SSH)

SSH consists of three major components. They are:

Transport Layer Protocol - provides server authentication, confidentiality, and integrity. It may optionally also provide compression. The transport layer will typically be run over a TCP/IP connection, but might also be used on top of any other reliable data stream.

978-0-7695-3884-6/09 $26.00 2009 IEEE


User Authentication Protocol - authenticates the client-side user to the server. It runs over the transport layer protocol.

Connection Protocol - multiplexes the encrypted tunnel into several logical channels. It runs over the user authentication protocol.

The client sends a service request once a secure transport layer connection has been established. A second service request is sent after user authentication is complete. This allows new protocols to be defined and coexist with the protocols listed above. The connection protocol provides channels that can be used for a wide range of purposes. Standard methods are provided for setting up secure interactive shell sessions and for forwarding ("tunneling") arbitrary TCP/IP ports and X11[3] connections.

1.2 Functionality Of Secure Shell

Secure Shell provides three main capabilities, which open the door for many creative secure solutions.

Secure command-shell
Port forwarding
Secure file transfer

1.2.1 Secure Command Shell

Command shells such as those available in Linux, UNIX, Windows, or the familiar DOS prompt provide the ability to execute programs and other commands, usually with character output. A secure command-shell or remote logon allows you to edit files, view the contents of directories and access custom database applications. Systems and network administrators can remotely start batch jobs, start, view or stop services and processes, create user accounts, change permissions to files and directories and more.

1.2.2 Port Forwarding

Port forwarding is a powerful tool that can provide security to TCP/IP applications including e-mail, sales and customer contact databases, and in-house applications. Port forwarding, sometimes referred to as tunneling, allows data from normally unsecured TCP/IP applications to be secured.
After port forwarding has been set up, Secure Shell reroutes traffic from a program (usually a client) and sends it across the encrypted tunnel, then delivers it to a program on the other side (usually a server). Multiple applications can transmit data over a single multiplexed channel, eliminating the need to open additional vulnerable ports on a firewall or router. See Fig. 1.

Fig. 1: Port forwarding

1.2.3 Secure File Transfer

Secure File Transfer Protocol (SFTP) is a subsystem of the Secure Shell protocol. In essence, it is a separate protocol layered over the Secure Shell protocol to handle file transfers. SFTP has several advantages over non-secure FTP. First, SFTP encrypts both the username/password and the data being transferred. Second, it uses the same port as the Secure Shell server, eliminating the need to open another port on the firewall or router. SFTP also avoids the network address translation (NAT)[3] issues that can often be a problem with regular FTP. One valuable use of SFTP is to create a secure extranet or fortify a server or servers outside the firewall accessible by remote personnel and/or partners (sometimes referred to as a DMZ[4] or secure extranet).

Using SFTP to create a secure extranet for sharing files and documents with customers and partners balances the need for access with security requirements. Typical uses of a secure extranet include uploading files and reports, making an archive of data files available for download and providing a secure mechanism for remote administration of file-oriented tasks. Extranets with business partners have proven to be much more effective for companies than more traditional methods of communication like phone or fax. In fact, SFTP can automate many of these transactions so they take place without human intervention. A secure extranet is one of the safest ways to make specific data available to customers, partners and remote employees without exposing other critical company information to the public network. Using SFTP on your extranet machines effectively restricts access to authorized users and encrypts usernames, passwords and files sent to or from the DMZ.

1.3 Protocol Basics of Secure Shell

The Secure Shell protocol provides four basic security benefits.

User Authentication
Host Authentication
Data Encryption
Data Integrity


1.3.1 User Authentication

Authentication, also referred to as user identity, is the means by which a system verifies that access is only given to intended users and denied to anyone else. Many authentication methods are currently used, ranging from familiar typed passwords to more robust security mechanisms. Most Secure Shell implementations include password and public key authentication methods but others (e.g. Kerberos, NTLM, and Keyboard Interactive)[5] are also available. The Secure Shell protocol's flexibility allows new authentication methods to be incorporated into the system as they become available. They are as follows:

Password Authentication
Public Key Authentication
Private Key Authentication

1.3.2 Host Authentication

A host key is used by a server to prove its identity to a client and by a client to verify a known host. Host keys are described as persistent (they are changed infrequently) and are asymmetric. If a machine is running only one SSH server, a single host key serves to identify both the machine and the server. If a machine is running multiple SSH servers, it may either have multiple host keys or use a single key for multiple servers. Host keys are often confused with session keys, which are used in the data encryption process[5].

1.3.3 Data Encryption

Encryption, sometimes referred to as privacy, means that your data is protected from disclosure to a would-be attacker sniffing or eavesdropping on the wire. Ciphers are the mechanism by which Secure Shell encrypts and decrypts data being sent over the wire. A block cipher is the most common form of symmetric key algorithm (e.g. DES, 3DES, Blowfish, AES, and Twofish)[7]. These operate on a fixed-size block of data, use a single, secret, shared key, and generally involve multiple rounds of simple, non-linear functions. The data at this point is encrypted and cannot be reversed without the shared key.
When a client establishes a connection with a Secure Shell server, they must agree which cipher they will use to encrypt and decrypt data. The server generally presents a list of the ciphers it supports, and the client then selects the first cipher in its list that matches one in the server's list. Session keys are the shared keys described above and are randomly generated by both the client and the server during establishment of a connection. Both the client and host use the same session key to encrypt and decrypt data, although a different key is used for the send and receive channels. Session keys are generated after host authentication is successfully performed but before user authentication, so that usernames and passwords can be sent encrypted. These keys may be replaced at regular intervals (e.g., every one to two hours) during the session and are destroyed at its conclusion.

1.3.4 Data Integrity

Data integrity guarantees that data sent from one end of a transaction arrives unaltered at the other end. Even with Secure Shell encryption, the data being sent over the network could still be vulnerable to someone inserting unwanted data into the data stream. Secure Shell version 2 (SSH2) uses Message Authentication Code (MAC) algorithms[6] to greatly improve upon the original Secure Shell's (SSH1) simple 32-bit CRC data integrity checking method[6].

The topics above summarize the usage of SSH, its functions and why the SSH protocol was chosen for this paper. This chapter also summarizes the process followed in client-server communication, which involves initially setting up the connection, followed by authentication and encryption of the data.

2.0 EXISTING SYSTEM

This chapter deals with the existing system of the SSH protocol, in which the standard ciphers are used. The chapter analyzes the problem and presents the solution to overcome it. It also explains the working of the standard cipher algorithms, namely RSA and DES, and the way they encrypt and decrypt the user data.

2.1 Symmetric Cryptosystems: DES and AES

DES uses 64-bit blocks with a 64-bit key (although only 56 bits are significant; the other 8 are parity bits). The bits within a block are shuffled and XORed with the key in a sequence of 16 substitutions called rounds, to create the cipher text. Applying the same process (with the same key) to the cipher text restores the original plaintext, so the process is symmetric. It has been very widely used by the US government and commercial organizations around the world, including many financial institutions. It is easy to code, and as it only involves bit-shifting operations combined with a few small look-up tables it doesn't impose too much of a computational load.
Unfortunately, while it was secure enough when it was introduced, advances in computer hardware mean the relatively short key is now vulnerable to a brute-force attack. AES is similar to DES in principle but uses much longer keys (128, 192 or 256 bits) and is specifically designed to resist the most sophisticated cryptographic attacks, methods such as timing analysis (looking for correlations between a plaintext and the time taken to encrypt it) and power analysis (looking for variations in the processor power requirements for encrypting different plain texts). It has very low memory requirements, so it is particularly suited for various embedded applications.

2.2 Asymmetric Cryptosystems: RSA

Symmetric block ciphers such as DES and AES can provide very high levels of security. However, they have one obvious weakness, in that both sender and receiver must share the key, yet keep it secret from anyone else. This poses a particular problem for Internet commerce, since a secret key would no longer be secret if it were sent over the Internet, and if it were embedded in a browser it could be discovered by reverse-engineering[9] the program. On the other hand, without some way to encrypt web traffic, sensitive details such as credit card numbers would be available to anyone with the slightest knowledge of TCP/IP.

The solution lies in an ingenious group of ciphers known as asymmetric or public key/private key systems. In asymmetric systems the key used to encrypt a message is not the same as that used to decrypt it. If a message has been encrypted using one key of a pair, it cannot be decrypted even by someone else who has that key (crucially, knowing one key doesn't provide knowledge of the other). Only the matching key of the pair can be used for decryption. This seems rather extraordinary, almost magical, on the face of it. If you know both the encryption algorithm and the key, how is it possible that the encryption process can't simply be reversed to recover the original message? Nonetheless, that's exactly how it is. Given a pair of keys, a message encrypted with one can only be decrypted with the other and vice-versa. There are a number of asymmetric key systems, but the best known and most widely used is RSA[8]. The Secure Sockets Layer used for secure communications on the Internet uses RSA (the https protocol is simply http over SSL).
Raising such very large numbers to very large exponents is computationally much more demanding than the bit shifting and XOR'ing of symmetric cryptosystems such as DES, so asymmetric encryption is really only practical for short messages. A common workaround when encrypting long messages is to use RSA to encrypt a short preamble containing a DES or AES key selected at random, and then send the main body of the message encrypted with that key. A recipient with the corresponding private key can decrypt the preamble and use the key it contains to decipher the rest of the message. Modern web browsers use exactly this method to conduct secure communications.

2.3 Problem Identification

Secure Shell Protocol (SSH) uses the standard algorithms, namely DES, AES and RSA. Any user can normally use these algorithms, which are specified by the SSH protocol. These algorithms are known to the public, which leads to the possibility of hackers breaking the security of users' information.

3.0 PROPOSED SYSTEM

For the above reasons, the user can create their own encryption standards in the SSH protocol, which provides more security to the user's network and is known only to the users. Allowing users to specify their own encryption techniques, which are not known to others, can improve their security and keep hackers from breaking the code. The problem identified is that SSH is open source code and the standard algorithms such as RSA and DES are used in the existing SSH, so the solution is proposed in order to enhance the security of the existing SSH protocol.

3.1 System Architecture

The system architecture explains the working of the SSH protocol and the notations used in the SSH protocols. SSH uses a client/server architecture [2] in its implementation. An SSH server can be deployed and allow several SSH clients to connect to it. The architecture is not unlike any other client/server architecture, where the server portion of the program runs a daemon or service that usually listens on port 22[10]. SSH does provide the ability for the daemon/service to listen on any port; however, it must be listening on a TCP connection. SSH has a configuration file where the different options can be configured, such as password/public key authentication, port options, and home directories. SSH clients just need to know the IP address of the SSH server (or hostname) and the port on which it is listening, such as port 22. Based on the configuration of the SSH server, such as login requirements, the client just needs to authenticate to the server with the pre-defined requirements and get access to the session.

The steps followed in the SSH process are as follows:

The SSH client on the left provides authentication to the SSH server on the right. In the initial connection, the client receives a host key of the server; therefore, in all subsequent connections, the client will know it is connecting to the same SSH server. This places less emphasis on the IP address of the SSH server, which can be easily spoofed, and more emphasis on the host key of the server, which cannot be spoofed very easily.

The SSH server determines if the client is authorized to connect to the SSH service by verifying the username/password or public key that the client has presented for authentication. This process is completely encrypted.

If the SSH server authenticates the client and the client is authorized, the SSH session begins between the two entities. All communication is completely encrypted.


[Fig. 2: SSH Process. Diagram labels: Client, Transport Layer, SSH Library, Presentation Layer (GUI), SSH Connection, Server, Custom Encryption, Authenticator, SSH Library]

The client/server architecture for SSH provides the ability for clients to have a single source for authentication and/or authorization. The single source for authentication/authorization allows access only to the SSH service, while access to various other services such as email, intranets, extranets, and IRC[9] requires further authentication. Also, with the use of SSH proxies described previously, a single source of authentication can provide access to applications without the need for more usernames and passwords.

3.2 SSH Encryption Architecture

One of the many benefits of SSH is that it provides a fully encrypted protocol for transferring information. SSH's implementation architecture is just as flexible as the protocol itself. SSH is compatible with the major encryption algorithms used today, for example TripleDES, DES, AES, Blowfish, RSA. Any of the preceding encryption algorithms can be used for the ciphers for the SSH connection. Most of the ciphers are well supported, but the use of DES is strongly discouraged in favor of the more secure 3DES option.
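The cipher agreement described in section 1.3.3 and assumed by this section, as an added example (not code from the paper or its SSH library): it builds and parses SSH_MSG_KEXINIT payloads in the RFC 4253 section 7.1 layout and picks the first cipher on the client's list that the server also lists. The cipher name examplecipher@example.com and all function names are assumptions for illustration; a user-defined algorithm has to be advertised by both ends under a name@domain name, as the sample offers show.

```python
import os
import struct

SSH_MSG_KEXINIT = 20
# The ten name-lists of SSH_MSG_KEXINIT in wire order (RFC 4253, section 7.1).
# KEXINIT is exchanged before any keys exist, so the lists are sent unencrypted.
FIELDS = (
    "kex_algorithms", "server_host_key_algorithms",
    "encryption_algorithms_client_to_server",
    "encryption_algorithms_server_to_client",
    "mac_algorithms_client_to_server", "mac_algorithms_server_to_client",
    "compression_algorithms_client_to_server",
    "compression_algorithms_server_to_client",
    "languages_client_to_server", "languages_server_to_client",
)
C2S = "encryption_algorithms_client_to_server"
CUSTOM = "examplecipher@example.com"  # constructed private-use cipher name

class NegotiationError(Exception):
    """No cipher in common: both sides must disconnect."""

def valid_name(name):
    """Algorithm-name rules of RFC 4251, section 6; local names are name@domain."""
    printable = all(0x21 <= ord(c) <= 0x7E and c != "," for c in name)
    local, at, domain = name.partition("@")
    return (printable and 0 < len(name) <= 64 and name.count("@") <= 1
            and bool(local) and (not at or bool(domain)))

def build_kexinit(lists):
    """Serialize a KEXINIT payload; name-lists missing from `lists` are empty."""
    out = bytes([SSH_MSG_KEXINIT]) + os.urandom(16)  # message type + cookie
    for field in FIELDS:
        names = lists.get(field, [])
        if not all(valid_name(n) for n in names):
            raise ValueError("invalid algorithm name in " + field)
        data = ",".join(names).encode("ascii")
        out += struct.pack(">I", len(data)) + data
    return out + b"\x00" + struct.pack(">I", 0)  # first_kex_packet_follows, reserved

def parse_kexinit(payload):
    """Parse a KEXINIT payload into {field: [names]}, rejecting malformed input."""
    if len(payload) < 17 or payload[0] != SSH_MSG_KEXINIT:
        raise ValueError("not an SSH_MSG_KEXINIT payload")
    pos, lists = 17, {}
    for field in FIELDS:
        if pos + 4 > len(payload):
            raise ValueError("truncated name-list length")
        (size,) = struct.unpack_from(">I", payload, pos)
        if pos + 4 + size > len(payload):
            raise ValueError("name-list runs past end of payload")
        raw = payload[pos + 4:pos + 4 + size].decode("ascii")
        pos += 4 + size
        lists[field] = raw.split(",") if raw else []
    if len(payload) - pos != 5:
        raise ValueError("bad trailer")
    return lists

def choose_cipher(client_payload, server_payload):
    """First cipher on the client's list that the server also lists."""
    client = parse_kexinit(client_payload)[C2S]
    server = parse_kexinit(server_payload)[C2S]
    for name in client:
        if name in server:
            return name
    raise NegotiationError("no common cipher: %s vs %s" % (client, server))

def offer(ciphers):
    """Constructed sample KEXINIT advertising `ciphers` in both directions."""
    return build_kexinit({
        "kex_algorithms": ["diffie-hellman-group14-sha1"],
        "server_host_key_algorithms": ["ssh-rsa"],
        C2S: ciphers, "encryption_algorithms_server_to_client": ciphers,
        "mac_algorithms_client_to_server": ["hmac-sha1"],
        "mac_algorithms_server_to_client": ["hmac-sha1"],
        "compression_algorithms_client_to_server": ["none"],
        "compression_algorithms_server_to_client": ["none"],
    })

if __name__ == "__main__":
    client = offer([CUSTOM, "aes128-ctr", "3des-cbc"])
    print(choose_cipher(client, offer(["aes128-ctr", CUSTOM])))      # both ends carry it
    print(choose_cipher(client, offer(["3des-cbc", "aes128-ctr"])))  # server lacks it
```

A client that offers only the custom cipher to a server without it gets a NegotiationError, which corresponds to the disconnect the protocol requires when no common algorithm exists.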

The architecture diagram is shown in Fig. 3. The notations used in the diagram are as follows.

Server: allows incoming SSH connections to a machine, handling authentication, authorization, and so on.

Client: connects to SSH servers and makes requests, such as "log me in" or "copy this file", or sends data to and from.

Session: an ongoing connection between a client and a server. It begins after the client successfully authenticates to a server and ends when the connection terminates. Sessions may be interactive or batch.

Key: a relatively small amount of data, generally from tens to one or two thousand bits, used as a parameter to cryptographic algorithms such as encryption or message authentication. The use of the key binds the algorithm operation in some way to the key holder: in encryption, it ensures that only someone else holding that key (or a related one) can decrypt the message. For public key authentication, the server verifies its key with the client's private key.

User key: a persistent, asymmetric key used by clients as proof of a user's identity.

Host key: a persistent, asymmetric key used by a server as proof of its identity, as well as by a client when proving its host's identity as part of trusted-host authentication.

Server key: a temporary, asymmetric key used in the SSH-1 protocol. It is regenerated by the server at regular intervals and protects the session key.

This section has explained the client-server architecture, which starts with the establishment of a connection between client and server, followed by the authentication process and, if that succeeds, the encryption of data. The notations used in the architecture of SSH have also been explained.

3.3 Pluggable Encryption Algorithm in SSH Protocol

The idea behind this paper is divided into five sections, which are explained briefly as follows.
Transport Layer
Authentication Layer
Custom Encryption Loader
Presentation Layer
SSH Library

3.3.1 Transport Layer

SSH is a protocol for secure remote login and other secure network services over an insecure network. This module describes the SSH transport layer protocol, which typically runs on top of TCP/IP. The protocol can be used as a basis for a number of secure network services. It provides strong encryption, server authentication, and integrity protection. It may also provide compression. Key exchange method, public key algorithm, symmetric encryption algorithm, message authentication algorithm, and hash algorithm are all negotiated.

The SSH transport layer is a secure low-level transport protocol. It provides strong encryption, cryptographic host authentication, and integrity protection. Authentication at this protocol level is host-based; this protocol does not perform user authentication. A higher-level protocol for user authentication can be designed on top of this protocol. The protocol has been designed to be simple and flexible, to allow parameter negotiation, and to minimize the number of round-trips. Key exchange method, public key algorithm, symmetric encryption algorithm, message authentication algorithm, and hash algorithm are all negotiated. It is expected that in most environments, only 2 round-trips will be needed for full key exchange, server authentication, service request, and acceptance notification of service request. The worst case is 3 round-trips.

Fig. 3: Architecture Diagram

3.3.2 Authentication Layer

It helps the user to choose any of the 3 authentication methods [10]. The inputs for this module are host-based authentication, public key cryptography, and username and password. The output of this module is the usage of the authentication scheme prescribed by the user. The SSH authentication protocol is a general-purpose user authentication protocol. It is intended to be run over the SSH transport layer protocol [SSH-TRANS]. This protocol assumes that the underlying protocols provide integrity and confidentiality protection. The service name for this protocol is "ssh-userauth". When this protocol starts, it receives the session identifier from the lower-level protocol (this is the exchange hash H from the first key exchange). The session identifier uniquely identifies this session and is suitable for signing in order to prove ownership of a private key. This protocol also needs to know whether the lower-level protocol provides confidentiality protection.

3.3.3 Custom Encryption Loader

It helps in loading the new algorithm onto the SSH code. It also helps in loading the algorithm requested by the client for the encryption.

3.3.4 Presentation Layer

In this layer, at the client side, the data is given as input by the client. The output data should reach the server. At the server side, it should display the data sent by the target value.

3.3.5 SSH Library

SSH Library is a Secure Shell client library for C++. It utilizes the Botan library for its cryptographic functions, allowing a large choice of algorithms to be used in SSH communications. It integrates Secure FTP client functionality and has been tested in multi-threaded applications.

4.0 CONCLUSION & FUTURE ENHANCEMENT

Secure Shell Protocol (SSH) uses the standard algorithms, namely DES, AES and RSA. Any user can normally use these algorithms, which are specified by the SSH protocol. As it is OpenSSH, it is possible for hackers to break the security during transmission of data. But allowing users to specify their own encryption techniques, which are not known to others, can improve their security and keep hackers from breaking the code. This project helps users create their own encryption standards in the SSH protocol, which provides more security to the user's network and is known only to the users. This work was developed on Windows and successfully completed its part. In future it can be done on Linux. Transfer of encrypted files can also be done using a dynamic port, which is under implementation. Further enhancements are using new authentication methods while establishing the connection, and using new encryption algorithms and binding them with our SSH code.

REFERENCE

[1] Bruce Schneier 1996, Applied Cryptography - An excellent, practically oriented presentation of cryptographic algorithms, protocols, and methods, John Wiley & Sons, II Edition.
[2] Douglas Stinson 1996, Cryptography - Theory and Practice - An excellent, self-contained introduction to cryptography, CRC Press, Second edition.
[3] Alfred J. Menezes, Paul C. van Oorschot, and Scott A. Vanstone 1998, Handbook of Applied Cryptography, CRC Press, Third edition.
[4] Neil Koblitz 1994, A Course in Number Theory and Cryptography, Springer, II Edition.
[5] Eli Biham, Adi Shamir 1993, Differential Cryptanalysis of the Data Encryption Standard, Springer-Verlag, I Edition.
[6] Charlie Kaufman, Radia Perlman, and Mike Speciner 1995, Network Security - Private Communication in a Public World, PHI, II Edition.
[7] Jennifer Seberry and Josed Pieprzy 1989, Cryptography: An Introduction to Computer Security, PHI, II Edition.
[8] Joan Daemen and Vincent Rijmen 2002, AES - The Advanced Encryption Standard, Springer.
[9] Alfred J. Menezes 1993, Elliptic curve public key cryptosystems, Kluwer Academic Publishers, I Edition.
[10] Ian Blake, Gadien Seroussi, and Nigel Smart 1999, Elliptic Curves in Cryptography, Cambridge University Press.
