6th edition, chapter 8 - Bucknell University


Slide 8-1: Chapter 8: Security

A note on the use of these ppt slides: We're making these slides freely available to all (faculty, students, readers). They're in PowerPoint form so you see the animations, and can add, modify, and delete slides (including this one) and slide content to suit your needs. They obviously represent a lot of work on our part. In return for use, we only ask the following:
- If you use these slides (e.g., in a class), that you mention their source (after all, we'd like people to use our book!)
- If you post any slides on a www site, that you note that they are adapted from (or perhaps identical to) our slides, and note our copyright of this material.
Thanks and enjoy! JFK/KWR
All material copyright 1996-2012 J.F. Kurose and K.W. Ross, All Rights Reserved
The course notes are adapted for CSCI 363 at Bucknell, Spring 2016, Xiannong Meng
Computer Networking: A Top Down Approach, 6th edition, Jim Kurose, Keith Ross, Addison-Wesley, March 2012

Slide 8-2: Chapter 8 roadmap
8.1 What is network security?
8.2 Principles of cryptography
8.3 Message integrity, authentication
8.4 Securing e-mail
8.5 Securing TCP connections: SSL
8.6 Network layer security: IPsec
8.7 Securing wireless LANs
8.8 Operational security: firewalls and IDS

Slide 8-3: What is network security?
- confidentiality: only sender, intended receiver should understand message contents
  - sender encrypts message
  - receiver decrypts message
- authentication: sender, receiver want to confirm identity of each other
- message integrity: sender, receiver want to ensure message not altered (in transit, or afterwards) without detection
- access and availability: services must be accessible and available to users

Slide 8-5: RSA: Operating Procedure
1. choose two large prime numbers p, q. (e.g., 1024 bits)
2. compute n = pq, z = (p-1)(q-1)
3. choose e (with e ... [slide text cut off in the extracted source]
... [steps 4 and 5 missing from the extracted source; only the fragment "K_B^- ... m^e mod n" survives]
6. to encrypt message m ( ... [slide text cut off in the extracted source]

Slide 8-6: Authentication
Goal: Bob wants Alice to "prove" her identity to him
Protocol ap1.0: Alice says "I am Alice"
  Alice -> Bob: "I am Alice"
In a network, Bob can not "see" Alice, so Trudy simply declares herself to be Alice.

Slide 8-7: Authentication: another try
Protocol ap2.0: Alice says "I am Alice" in an IP packet containing her source IP address
  Alice -> Bob: [Alice's IP address | "I am Alice"]
Failure scenario??

Slide 8-8: Authentication: another try
Protocol ap2.0: Alice says "I am Alice" in an IP packet containing her source IP address
  Trudy can create a packet "spoofing" Alice's address
  Trudy -> Bob: [Alice's IP address | "I am Alice"]

Slide 8-9: Authentication: another try
Protocol ap3.0: Alice says "I am Alice" and sends her secret password to "prove" it.
  Alice -> Bob: [Alice's IP addr | Alice's password | "I'm Alice"]
  Bob -> Alice: [Alice's IP addr | OK]
Failure scenario??

Slide 8-10: Authentication: another try
Protocol ap3.0: Alice says "I am Alice" and sends her secret password to "prove" it.
  Alice -> Bob: [Alice's IP addr | Alice's password | "I'm Alice"]
  Bob -> Alice: [Alice's IP addr | OK]
playback attack: Trudy records Alice's packet and later plays it back to Bob
  Trudy -> Bob: [Alice's IP addr | Alice's password | "I'm Alice"]

Slide 8-11: Authentication: yet another try
Protocol ap3.1: Alice says "I am Alice" and sends her encrypted secret password to "prove" it.
  Alice -> Bob: [Alice's IP addr | encrypted password | "I'm Alice"]
  Bob -> Alice: [Alice's IP addr | OK]
Failure scenario??

Slide 8-12: Authentication: yet another try
Protocol ap3.1: Alice says "I am Alice" and sends her encrypted secret password to "prove" it.
  Alice -> Bob: [Alice's IP addr | encrypted password | "I'm Alice"]
  Bob -> Alice: [Alice's IP addr | OK]
record and playback still works!
  Trudy -> Bob: [Alice's IP addr | encrypted password | "I'm Alice"]

Slide 8-13: Authentication: yet another try

Goal: avoid playback attack
nonce: number (R) used only once-in-a-lifetime
ap4.0: to prove Alice "live", Bob sends Alice nonce, R. Alice must return R, encrypted with shared secret key
  Alice -> Bob: "I am Alice"
  Bob -> Alice: R
  Alice -> Bob: K_A-B(R)
  Alice is live, and only Alice knows key to encrypt nonce, so it must be Alice!
Failures, drawbacks?

Slide 8-14: Authentication: ap5.0
ap4.0 requires shared symmetric key; can we authenticate using public key techniques?
ap5.0: use nonce, public key cryptography
  Alice -> Bob: "I am Alice"
  Bob -> Alice: R
  Alice -> Bob: K_A^-(R)
  Bob -> Alice: "send me your public key"
  Alice -> Bob: K_A^+
Bob chooses R and knows only Alice could have the private key that encrypted R such that K_A^+(K_A^-(R)) = R

Slide 8-15: ap5.0: security hole
man (or woman) in the middle attack: Trudy poses as Alice (to Bob) and as Bob (to Alice)
  Alice -> Trudy: "I am Alice"                 Trudy -> Bob: "I am Alice"
  Trudy -> Alice: R                            Bob -> Trudy: R
  Alice -> Trudy: K_A^-(R)                     Trudy -> Bob: K_T^-(R)
                                               Bob -> Trudy: "send me your public key"
                                               Trudy -> Bob: K_T^+
  Trudy -> Alice: "send me your public key"
  Alice -> Trudy: K_A^+
                                               Bob -> Trudy: K_T^+(m)
  Trudy gets m = K_T^-(K_T^+(m)), sends m to Alice encrypted with Alice's public key: K_A^+(m)
  Alice: m = K_A^-(K_A^+(m))

Slide 8-16: ap5.0: security hole
man (or woman) in the middle attack: Trudy poses as Alice (to Bob) and as Bob (to Alice)
- difficult to detect: Bob receives everything that Alice sends, and vice versa. (e.g., so Bob, Alice can meet one week later and recall conversation!)
- problem is that Trudy receives all messages as well!

Slide 8-17: Digital signatures
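ap3.0 and ap4.0 side by side, as an added example that is not from the slides: Bob's verifier for each protocol is run against Alice's genuine packet and then against Trudy's recording of it. The slides have Alice encrypt the nonce R with the shared key K_A-B; this code substitutes an HMAC over R, the usual way to compute a keyed response, and that substitution plus every key, password and name here is an assumption constructed for the demo.

```python
"""Added example (not from the Kurose/Ross slides): ap3.0 vs ap4.0 under replay.

The slides encrypt the nonce with the shared key K_A-B; this code uses an HMAC
over the nonce instead (a substitution, not the slides' construction). All
keys, passwords and names are constructed for the demo.
"""
from __future__ import annotations
import hashlib
import hmac
import secrets

# Constructed credentials: Alice's shared secret with Bob (K_A-B) and her ap3.0 password.
SHARED_KEYS = {"alice": b"constructed-shared-key-K_A-B"}
PASSWORDS = {"alice": b"constructed-password"}


def nonce_response(key: bytes, nonce: bytes) -> bytes:
    """Alice's reply to challenge R: a keyed MAC over R (stands in for K_A-B(R))."""
    return hmac.new(key, nonce, hashlib.sha256).digest()


class Ap30Verifier:
    """ap3.0: Bob accepts any packet carrying the right password; nothing ties it to 'now'."""

    def verify(self, claimed: str, password: bytes) -> bool:
        expected = PASSWORDS.get(claimed)
        return expected is not None and hmac.compare_digest(expected, password)


class Ap40Verifier:
    """ap4.0: Bob issues a once-only nonce R and accepts exactly one answer to it."""

    def __init__(self) -> None:
        self.outstanding = {}  # R -> identity the challenge was issued for

    def challenge(self, claimed: str) -> bytes:
        nonce = secrets.token_bytes(16)  # 128 random bits: "used only once-in-a-lifetime"
        self.outstanding[nonce] = claimed
        return nonce

    def verify(self, claimed: str, nonce: bytes, response: bytes) -> bool:
        # pop() consumes the nonce: a second answer to the same R is rejected,
        # which is what defeats Trudy's record-and-playback.
        if self.outstanding.pop(nonce, None) != claimed:
            return False
        key = SHARED_KEYS.get(claimed)
        if key is None:
            return False
        return hmac.compare_digest(nonce_response(key, nonce), response)


def run_ap30() -> tuple[bool, bool]:
    """Returns (Alice's login accepted, Trudy's replay of the same packet accepted)."""
    bob = Ap30Verifier()
    packet = ("alice", PASSWORDS["alice"])  # Alice -> Bob, recorded by Trudy
    alice_ok = bob.verify(*packet)
    trudy_ok = bob.verify(*packet)          # Trudy plays the recording back later
    return alice_ok, trudy_ok


def run_ap40() -> tuple[bool, bool]:
    """Returns (Alice's login accepted, Trudy's replay of the same packet accepted)."""
    bob = Ap40Verifier()
    nonce = bob.challenge("alice")          # Bob -> Alice: R
    packet = ("alice", nonce, nonce_response(SHARED_KEYS["alice"], nonce))  # Alice -> Bob
    alice_ok = bob.verify(*packet)
    trudy_ok = bob.verify(*packet)          # same R, same response, played back later
    return alice_ok, trudy_ok


if __name__ == "__main__":
    print("ap3.0 (alice accepted, replay accepted):", run_ap30())
    print("ap4.0 (alice accepted, replay accepted):", run_ap40())
```

The design point is that the verifier, not the prover, owns freshness: Bob records which R he issued and deletes it on first use, so the same recorded packet cannot satisfy him twice, and a response to an R he never issued is rejected outright.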

- cryptographic technique analogous to hand-written signatures: sender (Bob) digitally signs document, establishing he is document owner/creator.
- verifiable, nonforgeable: recipient (Alice) can prove to someone that Bob, and no one else (including Alice), must have signed document

Slide 8-18: Digital signatures
simple digital signature for message m:
- Bob signs m by encrypting with his private key K_B^-, creating "signed" message, K_B^-(m)
  Bob's message, m: "Dear Alice, Oh, how I have missed you. I think of you all the time! ... (blah blah blah) Bob"
  -> public key encryption algorithm with Bob's private key K_B^-
  -> K_B^-(m): Bob's message, m, signed (encrypted) with his private key

Slide 8-19: Digital signatures
- suppose Alice receives msg m, with signature: m, K_B^-(m)
- Alice verifies m signed by Bob by applying Bob's public key K_B^+ to K_B^-(m), then checks K_B^+(K_B^-(m)) = m.
- If K_B^+(K_B^-(m)) = m, whoever signed m must have used Bob's private key.
- Alice thus verifies that:
  - Bob signed m
  - no one else signed m
  - Bob signed m and not m'
- non-repudiation: Alice can take m, and signature K_B^-(m) to court and prove that Bob signed m

Slide 8-20: Message digests
- computationally expensive to public-key-encrypt long messages
- goal: fixed-length, easy-to-compute digital "fingerprint"
- apply hash function H to m, get fixed size message digest, H(m).
  large message m -> H: hash function -> H(m)
Hash function properties:
- many-to-one
- produces fixed-size msg digest (fingerprint)
- given message digest x, computationally infeasible to find m such that x = H(m)

Slide 8-21: Internet checksum: poor crypto hash function
Internet checksum has some properties of hash function:
- produces fixed length digest (16-bit sum) of message
- is many-to-one
But given message with given hash value, it is easy to find another message with same hash value:

  message        ASCII format                           checksum
  IOU100.99BOB   49 4F 55 31 30 30 2E 39 39 42 4F 42    B2 C1 D2 AC
  IOU900.19BOB   49 4F 55 39 30 30 2E 31 39 42 4F 42    B2 C1 D2 AC

different messages but identical checksums!

Slide 8-22: Digital signature = signed message digest
Bob sends digitally signed message:
  large message m -> H: hash function
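The IOU collision from the slide, checked in Python as an added example (not from the slides). The slide's value B2 C1 D2 AC is the plain sum of the message as 32-bit words; the block reproduces it, also computes the RFC 1071 Internet checksum (the "16-bit sum" the slide refers to), shows why the two messages collide (one 16-bit word rises by 8 and another falls by 8), and contrasts the result with SHA-256, which separates them. The two messages are the slide's own; nothing else is assumed.

```python
"""Added example (not from the slides): the IOU checksum collision, in code.

The slide's "B2 C1 D2 AC" is the message summed as big-endian 32-bit words;
word_sum32() reproduces that. internet_checksum() is the RFC 1071 16-bit
one's-complement checksum. Both collide on the slide's two messages.
"""
import hashlib
import struct

MSG1 = b"IOU100.99BOB"  # from the slide
MSG2 = b"IOU900.19BOB"  # from the slide: two digits exchanged


def word_sum32(data: bytes) -> int:
    """Sum of the message as big-endian 32-bit words (the value the slide shows), mod 2^32."""
    if len(data) % 4:
        data += b"\x00" * (4 - len(data) % 4)  # zero-pad to whole words
    return sum(struct.unpack(f">{len(data) // 4}I", data)) & 0xFFFFFFFF


def internet_checksum(data: bytes) -> int:
    """RFC 1071 Internet checksum: 16-bit one's-complement sum, then complemented."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f">{len(data) // 2}H", data))
    while total >> 16:  # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def explain_collision(a: bytes, b: bytes) -> list:
    """Per-16-bit-word differences (index, a_word - b_word) between two messages.

    A checksum is a sum: if one word goes up by d and another goes down by d,
    the total is unchanged, so the digest cannot tell the messages apart."""
    wa = struct.unpack(f">{len(a) // 2}H", a)
    wb = struct.unpack(f">{len(b) // 2}H", b)
    return [(i, x - y) for i, (x, y) in enumerate(zip(wa, wb)) if x != y]


def sha256_hex(data: bytes) -> str:
    """A cryptographic hash: no cheap way to find a second message with the same digest."""
    return hashlib.sha256(data).hexdigest()


if __name__ == "__main__":
    print(f"32-bit word sum: {word_sum32(MSG1):08X} vs {word_sum32(MSG2):08X}")
    print(f"RFC 1071:        {internet_checksum(MSG1):04X} vs {internet_checksum(MSG2):04X}")
    print("word deltas:     ", explain_collision(MSG1, MSG2))
    print("sha256:          ", sha256_hex(MSG1)[:16], "vs", sha256_hex(MSG2)[:16])
```

The deltas output makes the slide's point precise: "IOU100.99BOB" and "IOU900.19BOB" differ only in the second and fourth 16-bit words, by -8 and +8, so any additive digest is blind to the swap while SHA-256 is not.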

  -> H(m) -> digital signature (encrypt) with Bob's private key K_B^- -> K_B^-(H(m)), the encrypted msg digest
Alice verifies signature, integrity of digitally signed message:
  large message m -> H: hash function -> H(m)
  encrypted msg digest K_B^-(H(m)) -> digital signature (decrypt) with Bob's public key K_B^+ -> H(m)
  equal?

Slide 8-23: Hash function algorithms
- MD5 hash function widely used (RFC 1321)
  - computes 128-bit message digest in 4-step process.
  - arbitrary 128-bit string x, appears difficult to construct msg m whose MD5 hash is equal to x
  - example: "hello world" -> 5eb63bbbe01eeed093cb22bb8f5acdc3 (http://www.miraclesalad.com/webtools/md5.php)
- SHA-1 is also used
  - US standard [NIST, FIPS PUB 180-1]
  - 160-bit message digest
  - example: "hello world" ->

Slide 8-24: Recall: ap5.0 security hole
man (or woman) in the middle attack: Trudy poses as Alice (to Bob) and as Bob (to Alice)
  Alice -> Trudy: "I am Alice"                 Trudy -> Bob: "I am Alice"
  Trudy -> Alice: R                            Bob -> Trudy: R

  Alice -> Trudy: K_A^-(R)                     Trudy -> Bob: K_T^-(R)
                                               Bob -> Trudy: "send me your public key"
                                               Trudy -> Bob: K_T^+
  Trudy -> Alice: "send me your public key"
  Alice -> Trudy: K_A^+
                                               Bob -> Trudy: K_T^+(m)
  Trudy gets m = K_T^-(K_T^+(m)), sends m to Alice encrypted with Alice's public key: K_A^+(m)
  Alice: m = K_A^-(K_A^+(m))

Slide 8-25: Public-key certification
motivation: Trudy plays pizza prank on Bob
- Trudy creates e-mail order: "Dear Pizza Store, Please deliver to me four pepperoni pizzas. Thank you, Bob"
- Trudy signs order with her private key
- Trudy sends order to Pizza Store
- Trudy sends to Pizza Store her public key, but says it's Bob's public key
- Pizza Store verifies signature; then delivers four pepperoni pizzas to Bob
- Bob doesn't even like pepperoni

Slide 8-26: Certification authorities
- certification authority (CA): binds public key to particular entity, E.
- E (person, router) registers its public key with CA.
  - E provides "proof of identity" to CA.
  - CA creates certificate binding E to its public key.
  - certificate containing E's public key digitally signed by CA: CA says "this is E's public key"
  Bob's public key K_B^+ and Bob's identifying information -> digital signature (encrypt) with CA private key K_CA^- -> certificate for Bob's public key, signed by CA

Slide 8-27: Certification authorities
when Alice wants Bob's public key:
- gets Bob's certificate (Bob or elsewhere).
- apply CA's public key to Bob's certificate, get Bob's public key
  certificate for K_B^+ -> digital signature (decrypt) with CA public key K_CA^+ -> Bob's public key K_B^+
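The signed-digest procedure of slide 8-22 together with certificate issue and checking from slides 8-26 and 8-27, worked in Python as an added example (not code from the slides or the textbook). It uses textbook RSA, following the slide's keygen steps, with fixed and publicly known Mersenne primes chosen only so that n exceeds a SHA-256 digest; a real system draws random primes of the size the slides mention and applies a padding scheme. The certificate is a plain dict rather than X.509, all names and keys are constructed, and the closing demo goes one step beyond the slides by replaying the slide-8-25 pizza prank against a store that accepts "Bob's key" only from a CA-signed certificate.

```python
"""Added example (not from the Kurose/Ross slides): signed message digest
(slide 8-22) and CA-issued certificates (slides 8-25 to 8-27) in textbook RSA.

Assumptions, all constructed for the demo: the primes are fixed, publicly
known Mersenne primes picked only so that n is larger than a 256-bit digest
(a real system draws random ~1024-bit primes and uses padding such as PSS);
the "certificate" is a plain dict, not X.509.
"""
from __future__ import annotations
import hashlib

E = 65537  # common public exponent; coprime with every z used below


def rsa_keypair(p: int, q: int) -> tuple[tuple[int, int], tuple[int, int]]:
    """Slide 8-5 procedure: n = pq, z = (p-1)(q-1), d = e^-1 mod z.
    Returns (public key (n, e), private key (n, d))."""
    n, z = p * q, (p - 1) * (q - 1)
    d = pow(E, -1, z)  # modular inverse (Python 3.8+); raises if gcd(E, z) != 1
    return (n, E), (n, d)


def digest_int(m: bytes) -> int:
    """H(m) as an integer; SHA-256 stands in for the slides' MD5/SHA-1."""
    return int.from_bytes(hashlib.sha256(m).digest(), "big")


def sign(priv: tuple[int, int], m: bytes) -> int:
    """K_B^-(H(m)): the digest 'encrypted' with the private key (slide 8-22, sender side)."""
    n, d = priv
    return pow(digest_int(m), d, n)


def verify(pub: tuple[int, int], m: bytes, sig: int) -> bool:
    """Apply K_B^+ to the signature and compare with a freshly computed H(m)."""
    n, e = pub
    return pow(sig, e, n) == digest_int(m)


def cert_bytes(name: str, pub: tuple[int, int]) -> bytes:
    """What the CA actually signs: the identity bound to the key (n, e)."""
    return f"{name}|{pub[0]}|{pub[1]}".encode()


def issue_cert(ca_priv: tuple[int, int], name: str, pub: tuple[int, int]) -> dict:
    """Slide 8-26: certificate = (E's identity, E's public key) signed by the CA."""
    return {"name": name, "pub": pub, "ca_sig": sign(ca_priv, cert_bytes(name, pub))}


def key_from_cert(ca_pub: tuple[int, int], cert: dict, expected_name: str):
    """Slide 8-27: apply the CA's public key to the certificate. The key inside is
    trusted only if the CA's signature verifies and the name is the one asked for."""
    if cert["name"] != expected_name:
        return None
    if not verify(ca_pub, cert_bytes(cert["name"], cert["pub"]), cert["ca_sig"]):
        return None
    return cert["pub"]


# Constructed keys (fixed Mersenne primes; see the module docstring).
CA_PUB, CA_PRIV = rsa_keypair(2**521 - 1, 2**127 - 1)
BOB_PUB, BOB_PRIV = rsa_keypair(2**607 - 1, 2**107 - 1)
TRUDY_PUB, TRUDY_PRIV = rsa_keypair(2**1279 - 1, 2**89 - 1)
BOB_CERT = issue_cert(CA_PRIV, "Bob", BOB_PUB)


def pizza_store_accepts(order: bytes, sig: int, cert: dict) -> bool:
    """The fix for slide 8-25: take 'Bob's key' only from a CA-signed certificate."""
    bob_key = key_from_cert(CA_PUB, cert, "Bob")
    return bob_key is not None and verify(bob_key, order, sig)


def demo() -> dict[str, bool]:
    order = b"Dear Pizza Store, Please deliver to me four pepperoni pizzas. Thank you, Bob"
    # Trudy's prank: she signs with her own key and supplies her own key labelled "Bob",
    # vouched for only by herself, not by the CA.
    trudy_cert = {"name": "Bob", "pub": TRUDY_PUB,
                  "ca_sig": sign(TRUDY_PRIV, cert_bytes("Bob", TRUDY_PUB))}
    return {
        "bob_order_with_ca_cert": pizza_store_accepts(order, sign(BOB_PRIV, order), BOB_CERT),
        "order_altered_in_transit": pizza_store_accepts(order + b"!", sign(BOB_PRIV, order), BOB_CERT),
        "trudy_prank": pizza_store_accepts(order, sign(TRUDY_PRIV, order), trudy_cert),
    }


if __name__ == "__main__":
    for case, accepted in demo().items():
        print(f"{case}: {'delivered' if accepted else 'rejected'}")
```

Two checks do the work in key_from_cert(): the CA's signature over (name, key) must verify under K_CA^+, and the name inside must be the identity the store is looking up. Trudy's certificate fails the first check because only the CA's private key can produce a signature that K_CA^+ accepts, which is exactly the binding slide 8-26 describes.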
