Académique Documents
Professionnel Documents
Culture Documents
Alice
data
channel
secure
sender
Bob
data, control
messages
secure
receiver
data
Trudy
8: Network Security 8-3
encryption
algorithm
Bobs
K decryption
B key
ciphertext
decryption plaintext
algorithm
plaintext:
abcdefghijklmnopqrstuvwxyz
ciphertext:
mnbvcxzasdfghjklpoiuytrewq
E.g.:
KA-B
plaintext
message, m
encryption ciphertext
algorithm
K (m)
A-B
decryption plaintext
algorithm
m=K
A-B
( KA-B(m) )
plaintext
message, m
encryption ciphertext
algorithm
+
K (m)
B
- Bobs private
B key
decryption plaintext
algorithm message
+
m = K B(K (m))
B
8: Network Security 8-
K (K (m))
+ = m = K (K (m))
B B
Authentication
Goal: Bob wants Alice to prove her identity
to him
Protocol ap1.0: Alice says I am Alice
I am Alice
Failure scenario??
8: Network Security 8-
Authentication
Goal: Bob wants Alice to prove her identity
to him
Protocol ap1.0: Alice says I am Alice
I am Alice
in a network,
Bob can not see
Alice, so Trudy simply
declares
herself to be Alice
8: Network Security 8-
Alices
I am Alice
IP address
Failure scenario??
8: Network Security 8-
Alices
IP address
8: Network Security 8-
Alices
Alices
Im Alice
IP addr password
Alices
IP addr
OK
Failure scenario??
8: Network Security 8-
Alices
Alices
Im Alice
IP addr password
Alices
IP addr
OK
Alices
Alices
Im Alice
IP addr password
8: Network Security 8-
Alices encrypted
Im Alice
IP addr password
Alices
IP addr
OK
Failure scenario??
8: Network Security 8-
Alices encrypted
Im Alice
IP addr password
Alices
IP addr
record
and
playback
still works!
OK
Alices encrypted
Im Alice
IP addr password
8: Network Security 8-
8: Network Security 8-
Authentication: ap5.0
ap4.0 requires shared symmetric key
can we authenticate using public key techniques?
ap5.0: use nonce, public key cryptography
I am Alice
R
Bob computes
+ -
K A (R)
KA
KA(KA (R)) = R
8: Network Security 8-
I am Alice
R
K (R)
T
K (R)
A
+
K
T
+
K
A
- +
m = K (K (m))
A A
+
K (m)
A
Trudy gets
- +
m = K (K (m))
T Alice
sends T
m to
+
K (m)
T
encrypted with
Alices public key
8: Network Security 8-
Difficult to detect:
Bob receives everything that Alice sends, and vice
versa. (e.g., so Bob, Alice can meet one week later and
recall conversation)
problem is that Trudy receives all messages as well!
8: Network Security 8-
Digital Signatures
Cryptographic technique analogous to handwritten signatures.
sender (Bob) digitally signs document,
8: Network Security 8-
Digital Signatures
Simple digital signature for message m:
Bob signs m by encrypting with his private key
-
Bobs message, m
Dear Alice
Oh, how I have
missed you. I think of
you all the time!
(blah blah blah)
K B Bobs private
key
Public key
encryption
algorithm
K B(m)
Bobs message,
m, signed
(encrypted) with
his private key
Bob
8: Network Security 8-
8: Network Security 8-
Message Digests
Computationally expensive
to public-key-encrypt
long messages
Goal: fixed-length, easy- tocompute digital
fingerprint
apply hash function H to
m, get fixed size message
digest, H(m).
large
message
m
H: Hash
Function
H(m)
H: Hash
function
Bobs
private
key
KB
encrypted
msg digest
H(m)
digital
signature
(encrypt)
encrypted
msg digest
KB(H(m))
large
message
m
H: Hash
function
H(m)
KB(H(m))
Bobs
public
key
KB
digital
signature
(decrypt)
H(m)
equal
?
8: Network Security 8-
8: Network Security 8-
Trusted Intermediaries
Symmetric key problem:
Solution:
trusted key distribution
Solution:
trusted certification
authority (CA)
8: Network Security 8-
each
KB-KDC
KA-KDC
KX-KDC
KY-KDC
KB-KDC
KZ-KDC
8: Network Security 8-
Certification Authorities
Certification authority (CA): binds public key to
particular entity, E.
E (person, router) registers its public key with CA.
Bobs
identifying
information
KB
digital
signature
(encrypt)
CA
private
key
K-
CA
KB
certificate for
Bobs public key,
signed by CA
8: Network Security 8-
Certification Authorities
When Alice wants Bobs public key:
+
KB
digital
signature
(decrypt)
CA
public
key
Bobs
public
+
K B key
+
K CA
8: Network Security 8-
A certificate contains:
Serial number (unique to issuer)
info about certificate owner, including algorithm
issuer
valid dates
digital signature by issuer
8: Network Security 8-
server authentication
data encryption
client authentication
(optional)
server authentication:
SSL-enabled browser
includes public keys for
trusted CAs.
Browser requests
server certificate,
issued by trusted CA.
Browser uses CAs
public key to extract
servers public key from
certificate.
check your browsers
8: Network Security 8-
SSL (continued)
Client
Server
Open secure socket
Certificate (CA signed Pub Key)
Verify CA trusted
Extract Server Pub Key
Generate symmetric Session Key
Encrypt Session Key with Server Pub Key
Encrypted Session Key
Extract Session Key
(using Private Key)
In Java all of this happens behind the scenes!
SSLSocket s = (SSLSocket)sslFact.createSocket(host, port);
8: Network Security 8-
SSL Observations
Previous example does not
Show how public/private key pairs are
generated
Manually
8: Network Security 8-
Project 3
Project 3 Overview
Project 3
CA behavior
1. Accepts connections from clients does not
require SSL-based client authentication
Note: The T/D Server can act as a client when connecting
to the CA
2.
3.
4.
5.
Project 3
Server behavior
1. Connect to trusted CA
2. Send password for CA authentication of Server
3. Send Public Key to CA
4. Receive certificate from CA
5. Wait for secure client connection
6. Require client authentication client must have CAsigned certificate
7. Allow client to request time or date
8. Send response
8: Network Security 8-
Project 3
Client behavior
1. Connect to trusted CA
2. Send password for CA authentication of Server
3. Send Public Key to CA
4. Receive certificate from CA
5. Securely connect to server
6. Request time or date
7. Receive/display response
8: Network Security 8-
certificates
8: Network Security 8-
SSLSocketFactory/SSLServerSocketFact
8: Network Security 8-
youd expect
8: Network Security 8-
standard
8: Network Security 8-
Firewalls
firewall
isolates organizations internal net from larger
Internet, allowing some packets to pass,
blocking others.
public
Internet
administered
network
firewall
8: Network Security 8-
Firewalls: Why
prevent denial of service attacks:
SYN flooding: attacker establishes many bogus TCP
connections, no resources left for real connections.
prevent illegal modification/access of internal data.
e.g., attacker replaces CIAs homepage with
something else
allow only authorized access to inside network (set of
authenticated users/hosts)
two types of firewalls:
application-level
packet-filtering
8: Network Security 8-
Packet Filtering
Should arriving
packet be allowed
in? Departing packet
let out?
router firewall
router filters packet-by-packet, decision to
forward/drop packet based on:
8: Network Security 8-
Packet Filtering
Example 1: block incoming and outgoing
8: Network Security 8-
Application gateways
Filters packets on
host-to-gateway
telnet session
application
gateway
gateway-to-remote
host telnet session
8: Network Security 8-
Countermeasures?
8: Network Security 8-
8: Network Security 8-
src:B dest:A
payload
Countermeasures?
8: Network Security 8-
src:B dest:A
payload
8: Network Security 8-
A
src:B dest:A
Countermeasures?
payload
B
8: Network Security 8-
A
src:B dest:A
payload
B
8: Network Security 8-
SYN
SYN
SYN
SYN
SYN
B
Countermeasures?
SYN
SYN
8: Network Security 8-
filter out flooded packets (e.g., SYN) before reaching host: throw
out good with bad
traceback to source of floods (most likely an innocent,
compromised machine)
SYN
SYN
SYN
SYN
SYN
B
SYN
SYN
8: Network Security 8-