Page 1: EE579T/4 #1 Spring 2001 © 2000, 2001, Richard A. Stanley WPI EE579T Network Security 4: Authentication, Encryption, and VPN’s Prof. Richard A. Stanley.

Spring 2001 © 2000, 2001, Richard A. Stanley
WPI EE579T/4 #1

EE579T Network Security
4: Authentication, Encryption, and VPN’s

Prof. Richard A. Stanley

Page 2

Thought for the Day

“Never attribute to a conspiracy that which can be explained by incompetence.”

Judge Larry Silberman

Page 3

Overview of Tonight’s Class

• Review last week’s lesson
• Look at network security in the news
• Course project discussion
• Encryption overview
• Authentication
• Virtual Private Networks

Page 4

Last Week...

• Attacking the network topology is basic, and not limited to the network media
• Firewalls can be a useful security tool
  – Control access to/from network segments
  – Filter traffic by type, source/destination, content
  – Provide logs of activity
• Firewalls are not a panacea, and can even be dangerous if not properly configured

Page 5

Network Security Last Week - 1

• World Economic Forum security breach
  – 161 MB of data totaling 80,000 pages of text and tables in Excel spreadsheets
  – 27,000 names of current and prior WEF participants with detailed private data; personal data on prominent WEF participants
  – 1400 credit card numbers with the names and sometimes with spouses' names included
  – 3200 WEF participants' travel itinerary data including hotel names, room numbers, and arrival and departure details
  – User passwords for all participants on the WEF Davos information system

Page 6

Network Security Last Week - 2

• WEF security breach (continued)
  – Hackers approached newspapers with secret data, later verified as correct
  – Persons involved include Yasser Arafat, Bill Gates, Madeleine Albright
  – Possible link to anti-globalization hacktivism?
  – Crime or prank?

Page 7

Network Security Last Week - 3

• Wireless LAN security breached
  – Wired Equivalent Privacy algorithm broken
  – Altered equipment can be used to intercept or disrupt legitimate networks
• Acer, Compaq introduce notebook computers with fingerprint scanners
• Personalization Consortium releases new privacy guidelines (voluntary)

Page 8

Course Projects

• Teams
• Topics
• Schedule
• What’s expected
• Issues

Page 9

Access Control

• Determines and monitors who can do what with what in the computer
• Is much more than establishing a physical perimeter around the computer
• Can be achieved without a physical perimeter
• Is a vulnerable link if not protected

Page 10

Subjects and Objects

• Remember your English grammar
• Subjects act
• Objects are acted upon
• These roles are not graven in stone
  – If you hit the ball, you are the subject
  – If the ball hits you, you are the object
• It is just the same in computer science

Page 11

Access Control Model

(Diagram) Subject -> Request -> Reference Monitor -> Object

Any of these points is a vulnerability. How to protect?

Page 12

NIC’s

• All network segment packets are potentially visible to the NIC
• The NIC is set (by software) to respond only to packets addressed to itself
• If it is set in promiscuous mode, it will trap ALL packets
• Packet payloads are in plain text
• Is there a potential problem here?
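One defensive check that follows from this slide, as an added example (not from the lecture): on Linux the kernel exposes each interface's flag word in sysfs, and the IFF_PROMISC bit (0x100, from linux/if.h) is set while any program has the card in promiscuous mode. The sysfs path and flag value are real; the helper names are this example's own.

```python
"""Report network interfaces that are currently in promiscuous mode (Linux).

Added example, not part of the lecture slides. Reading the sysfs flag word
needs no special privileges, so this can run from a monitoring job.
"""
import os

IFF_PROMISC = 0x100          # kernel flag: "deliver every frame on the segment"
SYSFS_NET = "/sys/class/net"  # one directory per interface


def is_promiscuous(flags_text: str) -> bool:
    """Parse the contents of /sys/class/net/<iface>/flags, e.g. "0x1103\\n"."""
    return bool(int(flags_text.strip(), 16) & IFF_PROMISC)


def promiscuous_interfaces(sysfs_root: str = SYSFS_NET) -> list[str]:
    """Return the names of interfaces whose flag word has IFF_PROMISC set."""
    found = []
    if not os.path.isdir(sysfs_root):
        return found  # not Linux, or sysfs not mounted: nothing to report
    for iface in sorted(os.listdir(sysfs_root)):
        path = os.path.join(sysfs_root, iface, "flags")
        try:
            with open(path) as f:
                if is_promiscuous(f.read()):
                    found.append(iface)
        except OSError:
            continue  # interface vanished or is unreadable; skip it
    return found


if __name__ == "__main__":
    sniffing = promiscuous_interfaces()
    if sniffing:
        print("Promiscuous interfaces (possible packet capture):", ", ".join(sniffing))
    else:
        print("No interface is in promiscuous mode.")
```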

Page 13

Encryption Primer

• Cryptography = “secret writing”
• Input = clear text
• Output = cipher text
• Cipher text = clear text + key (in general)
• Two basic types of cipher
  – Secret (symmetric) key
  – Public (asymmetric) key

Page 14

Encryption

• A means for rendering plain language text (cleartext) into recoverable gibberish (ciphertext)
• Only ONE provably secure cryptosystem
  – One-time pad
  – Secure even if pad or operator captured
  – BUT…errors can lead to decryption
  – http://www.cia.gov/csi/books/venona/preface.htm

Page 15

Why Use Anything Except One-time Pads?

• Speed of encipherment
• Letters vs. numbers
• Logistics
• Usability
• Error rates

Page 16

Symmetric Ciphers

• Same code at each end
• Important that message length < cipher length
• Billions of combinations possible
• Codes changed frequently
• Each circuit requires a code pair

Page 17

Enigma

Perhaps the most famous cipher machine in history.

This is an early model. Later versions had as many as five rotors.

Enigma was a tactical machine -- designed for battlefield use.

Even today, Enigma would provide excellent security…IF no errors occurred on the part of the operators.

Page 18

Sigaba

Similar in theory to Enigma.

Designed for strategic (fixed station) use; note direct punching of teletypewriter paper tape for transmission.

Page 19

Cipher Example (Vernam)

• Encipher
  Plain:  001 010 011 100
  +key:   111 011 010 101
  Cipher: 110 001 001 001

• Decipher
  Cipher: 110 001 001 001
  +key:   111 011 010 101
  Plain:  001 010 011 100

The ciphertext is simply the plain text added to the key, modulo 2. This is a reversible process, as seen above.
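The slide's modulo-2 addition carried out in code, as an added example (not from the lecture): the same function enciphers and deciphers, the key-length check enforces the "message length < cipher length" rule from the Symmetric Ciphers slide, and the last function shows why the pad must be used only once, the error behind the Venona decryptions cited above. Function names are this example's own.

```python
"""Vernam (one-time pad) cipher over bit strings written as 3-bit groups.

Added example, not from the slides.  ciphertext = plaintext XOR key, and
applying the same key again recovers the plaintext.
"""
import secrets


def vernam(text_bits: str, key_bits: str) -> str:
    """XOR a bit string with a key at least as long as it; keeps the grouping."""
    t = text_bits.replace(" ", "")
    k = key_bits.replace(" ", "")
    if len(k) < len(t):
        raise ValueError("key must be at least as long as the message")
    out = "".join("1" if a != b else "0" for a, b in zip(t, k))
    # re-insert the spacing of the input so the output reads like the slide
    groups, pos = [], 0
    for g in text_bits.split():
        groups.append(out[pos:pos + len(g)])
        pos += len(g)
    return " ".join(groups)


def fresh_key(n_bits: int) -> str:
    """A new random pad of n bits; generating a fresh one per message is
    what makes the system a *one-time* pad and provably secure."""
    return "".join("1" if secrets.randbits(1) else "0" for _ in range(n_bits))


def key_reuse_leak(cipher1: str, cipher2: str) -> str:
    """What an eavesdropper learns when two messages share a pad:
    c1 XOR c2 = (p1 XOR k) XOR (p2 XOR k) = p1 XOR p2, the key drops out.
    Nothing about the key is needed, which is why reuse is the fatal error."""
    return vernam(cipher1, cipher2)


if __name__ == "__main__":
    plain, key = "001 010 011 100", "111 011 010 101"   # the slide's values
    cipher = vernam(plain, key)
    print("cipher:", cipher)                  # 110 001 001 001
    print("plain: ", vernam(cipher, key))     # 001 010 011 100
```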

Page 20

Breaking Symmetric Ciphers

• Brute force
  – Inelegant, but sometimes effective if enough computing power can be brought to bear
  – If cipher is complex enough, this doesn’t work
• Exploit errors
  – Same message enciphered in two codes
  – Plaintext attack
  – Exploit operator errors

Page 21

Asymmetric Ciphers

• Also known as public key cryptography
• Until Diffie-Hellman, this concept was heretical. It is still counterintuitive.
• Key has two parts
  – Public: everybody knows or can know
  – Private: only holder knows
• Based on large prime numbers

Page 22

Brute Force Attacks on PK Systems

Assume a number N, having L decimal digits (N ≈ 10^L).

Now posit a computer capable of 10^10 divisions/second.

The computer can factor any N, using the trial division method, in approximately N^0.5 / 10^10 seconds.

If N has 100 digits, this process will require approximately 10^40 seconds.

However, the currently estimated age of the Universe is approximately 3.8 x 10^17 seconds.
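The slide's estimate evaluated exactly, as an added example (not from the lecture): the first function applies the formula N^0.5 / 10^10 for an L-digit N, and the second actually runs trial division on a small constructed semiprime so the sqrt(N) work bound can be observed rather than taken on faith. Constants are the slide's figures; function names are this example's own.

```python
"""Trial-division cost estimate from the slide, plus a small measured check.

Added example, not from the slides.
"""
from math import isqrt

UNIVERSE_AGE_SECONDS = 38 * 10**16   # 3.8 x 10^17, the slide's figure
DIVISIONS_PER_SECOND = 10**10        # the slide's hypothetical machine


def estimate_seconds(digits: int, rate: int = DIVISIONS_PER_SECOND) -> int:
    """Seconds to factor an L-digit N by trial division: N^0.5 / rate with N = 10^L.
    Integer arithmetic keeps the result exact (10^40 for L = 100)."""
    n = 10**digits
    return isqrt(n) // rate


def universe_ages(digits: int, rate: int = DIVISIONS_PER_SECOND) -> float:
    """The same estimate expressed in multiples of the age of the Universe."""
    return estimate_seconds(digits, rate) / UNIVERSE_AGE_SECONDS


def count_trial_divisions(n: int) -> tuple[int, int]:
    """Factor n by trial division; return (smallest factor, divisions performed).

    The worst case (n prime, or a product of two similar-size primes) costs
    about sqrt(n) divisions, which is where the slide's N^0.5 comes from.
    """
    divisions = 0
    d = 2
    while d * d <= n:
        divisions += 1
        if n % d == 0:
            return d, divisions
        d += 1
    return n, divisions  # no divisor found: n is prime


if __name__ == "__main__":
    secs = estimate_seconds(100)
    print(f"100-digit N: 10^{len(str(secs)) - 1} seconds,"
          f" about {universe_ages(100):.1e} ages of the Universe")
    p, q = 10007, 10009                      # constructed small semiprime
    factor, work = count_trial_divisions(p * q)
    print(f"{p * q} = {factor} x {p * q // factor} after {work} divisions"
          f" (sqrt bound {isqrt(p * q)})")
```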

Page 23

Public Key Cryptography

(Diagram: Alice, Bob’s public key, Bob, Bob’s private key)

Page 24

Curious Public Key Properties

• The encryption function is one-way
• The encryption process is fungible
  – Can encrypt with public key and decrypt with private key, and vice versa
• So what?
  – How about using this approach to sign documents?
  – Can a signed document be used for authentication?
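The "fungible" property in working code, as an added example (not from the lecture): textbook RSA with the classic tiny key pair p = 61, q = 53, where one modular-exponentiation function serves as encryption (public key in, private key out) and as signing (private key in, public key out). Function names are this example's own; the caveats in the comments are what a practitioner needs before relating this to real signatures.

```python
"""Textbook RSA showing that the same operation encrypts with one half of the
key and decrypts with the other, in either order.

Added example, not from the slides.  Keys are tiny so the arithmetic is
visible; real keys are hundreds of digits, and real systems sign a hash of the
document with padding (PKCS#1 v1.5 or PSS), never the raw value as done here,
because raw RSA lets anyone produce a "signature" of some random message.
"""
from math import gcd


def keygen(p: int, q: int, e: int = 17):
    """Return ((n, e) public, (n, d) private) from two primes; toy sizes only."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to (p-1)(q-1)")
    d = pow(e, -1, phi)   # modular inverse, Python 3.8+
    return (n, e), (n, d)


def apply_key(key, m: int) -> int:
    """RSA is modular exponentiation; which half of the key you hold decides
    whether you are encrypting, decrypting, signing or verifying."""
    n, exponent = key
    if not 0 <= m < n:
        raise ValueError("value must be an integer in [0, n)")
    return pow(m, exponent, n)


def encrypt(public, m: int) -> int:       # anyone -> key holder
    return apply_key(public, m)


def decrypt(private, c: int) -> int:      # key holder only
    return apply_key(private, c)


def sign(private, m: int) -> int:         # key holder only
    return apply_key(private, m)


def verify(public, m: int, sig: int) -> bool:   # anyone
    return apply_key(public, sig) == m


def demo() -> dict:
    public, private = keygen(61, 53)      # n = 3233, e = 17, d = 2753
    m = 65
    c = encrypt(public, m)
    s = sign(private, m)
    return {"n": public[0], "d": private[1], "cipher": c,
            "roundtrip": decrypt(private, c), "sig": s,
            "verifies": verify(public, m, s),
            "altered_doc_verifies": verify(public, m + 1, s)}


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```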

Page 25

Crypto Weaknesses

• All cryptosystems depend on the security of the key for their security
  – If a symmetric system, he who has the key reads the mail
  – Asymmetric systems rely on the private key remaining private. How good an assumption is this?
• Attacks on assumptions work better than attacks on the front door

Page 26

Cryptography

• Many ways to combine clear text and key; all are functionally equivalent (but NOT equivalent in other ways)
• Key things to know for computer security purposes are:
  – Cryptography is not a panacea
  – Two-way functions are potential problems
  – Key management is a difficult problem

Page 27

Identification

• Not as simple as it seems
  – Who are you?
  – Can you prove it?
  – How?
• Now -- how can I prove you are who you purport to be?

Page 28

Identification & Authentication

• Identification
  – A unique entity descriptor
• Authentication
  – Verifying the claimed identification

These are two sides of the same coin, but they are NOT the same thing

Page 29

Means of Identification

• Password
• Physical key
• Token
• Biometric

Page 30

Authentication

• Validates you are who you claim to be
  – Something you know
  – Something you have
  – Who you are
  – What you do
  – Where you are
• An intruder who has the authentication keys looks just like the real user!

Page 31

Something You Know

• Password
• PIN
• Some other piece of information (e.g. your mother’s maiden name -- very popular)
• NB: anyone who obtains this information is -- so far as the computer knows -- you. Is there a problem here?

Page 32

Something You Have

• Physical token
  – Physical key
  – Magnetic card
  – Smart card
  – Calculator
• What if you lose it?

Page 33

Who You Are

• Biometrics
  – Fingerprints
  – Face geometry
  – Voiceprints
  – Retinal scanning
  – Hand geometry
• False positives, negatives
• User acceptance

Page 34

What You Do

• Mechanical tasks
  – Signature (pressure, speed)
  – Joystick
• False positives, negatives
• Potential for forgery, etc.

Page 35

Where You Are

• Limit use by user location
• Vet location by GPS, etc.
• Reliability, dependability, complexity

Page 36

I See You, Can You See Me?

• Passwords and authentication can do a decent job of identifying the user to the computer if they are closely coupled
• How does the user know who he/she is connected to?
• Why does the user care?

Page 37

Authentication of the Computer

• Public key infrastructure
• Digital certificates
  – Certificate authority
  – Certificate revocation
• Is it foolproof?
• Is it legal?

Page 38

Networked Systems Security

• Users not necessarily registered at the node they are accessing
  – How to authenticate users?
  – What is the basis for access control decisions?
• Some options:
  – User ID
  – User address
  – Service being invoked

Page 39

User Identity Checking

• Unix approach for remote services
  – ftp, telnet
• How do user rights travel with the user?
  – Local vs. remote nodes
  – Labeling inconsistencies
  – Write vs. read
• What about trusted hosts?

Page 40

Controlled Invocation

• Program typically given user’s access rights and then run on remote node
  – This is called delegation
  – Is there a problem here?
• More desirable to delegate rights selectively
  – Proxy servers often used for this
  – Proxy runs with its own rights

Page 41

System Design Decisions

• Focus of control: data, operations, users
• Security layer: where should it be?
• Simplicity versus feature-rich
• Enforcement: central vs. distributed?
• Protection: how to keep attacker from lower levels?

Page 42

Security Enforcement

• Where is a user authenticated?
  – Centrally?
    • Authentication servers
    • Ticket-granting servers
  – Locally?
    • Firewalls
• Where are access control decisions made?

Page 43

Authentication

• Kerberos
  – Q: Who is/was Kerberos?
  – A: The three-headed dog that guards the entrance to Hell (also Cerberus)
  – www.web.mit.edu/kerberos/www/
• Distributed System Security alternatives
• Personal security tokens

Page 44

Kerberos Components

• Users (of course!)
• Kerberos Authentication Server (KAS)
• Ticket-granting Server (TGS)
• Strong cryptography
  – Triple DES

Page 45

How Does Kerberos Work?

• Example: Alice desires to establish a secure authenticated session with Bob
• Step 1: Alice logs onto her local host, entering user ID and password, and requests service from a TGS
  – Message 1 generated from Alice to TGS
  – Contains ID, TGS name, ticket expiry, nonce
  – Sent in cleartext

Page 46

Kerberos Protocol

(Diagram: KAS, TGS, Alice, Bob; message 1)

Page 47

Step Two

• KAS generates a message back to Alice
  – Contents
    • Session key
    • Ticket
    • Nonce (another one from what Alice sent)
  – Contents encrypted with Alice’s secret key (which is known to her and the KAS)

Page 48

Kerberos Protocol

(Diagram: KAS, TGS, Alice, Bob; messages 1, 2)

Page 49

Step Three

• Alice creates an authenticator
  – Alice’s ID
  – Creation time
  – Encrypted with session key from KAS
• Sends authenticator, ticket, requested expiry date, another nonce, name of service requested to TGS
• Encrypted with KAS, TGS secret key

Page 50

Kerberos Protocol

(Diagram: KAS, TGS, Alice, Bob; messages 1, 2, 3)

Page 51

Step Four

• TGS generates session key to use with Alice
• TGS sends session key for use with Bob and a ticket to use with Bob back to Alice
  – Encrypted with session key between Alice and TGS
• Alice stores the encrypted ticket and decrypts the new session key to use with Bob

Page 52

Kerberos Protocol

(Diagram: KAS, TGS, Alice, Bob; messages 1, 2, 3, 4)

Page 53

Step Five

• Alice asks Bob for an authenticated session
  – Sends ticket, new authenticator using the session key between Alice and Bob
• Bob decrypts the ticket (secret key w/TGS)
  – Checks validity (has it expired?)
  – Obtains session key
  – Decrypts authenticator from Alice
  – Verifies time stamp

Page 54

Kerberos Protocol

(Diagram: KAS, TGS, Alice, Bob; messages 1, 2, 3, 4, 5)

Page 55

Step Six, and Last

• Bob sends message to Alice
  – Contains last time stamp received
  – Encrypted with session key for Bob & Alice
• Alice decrypts the time stamp and compares it to her own time stamp
• If time stamps match, Bob is authenticated, and session proceeds

Page 56

Kerberos Protocol

(Diagram: KAS, TGS, Alice, Bob; messages 1, 2, 3, 4, 5, 6)

Authenticated Session Now Established!
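The six messages of Steps One to Six run end to end, as an added example (not from the lecture and not MIT Kerberos): each party only ever opens what is sealed under a key it holds, tickets stay opaque to Alice, and Bob's checks on expiry and time stamp are where replayed or stale requests are stopped. All keys, clock values and nonces are constructed; a toy SHA-256 keystream with an HMAC tag stands in for Triple DES so the script needs only the standard library, and the "now" field in messages 3 and 5 simulates the recipient's clock rather than being a real protocol field.

```python
"""Simulation of the six Kerberos messages described in Steps One to Six.

Added example, not from the slides or from MIT Kerberos.  The toy cipher
below illustrates the message flow only and is not for real use.
"""
import hashlib, hmac, json, os

def _stream(key: bytes, n: int) -> bytes:
    """Toy keystream: SHA-256(key || counter) blocks, truncated to n bytes."""
    out, ctr = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:n]

def encrypt(key: bytes, obj: dict) -> bytes:
    """Seal a dict under key: XOR with keystream, then append an HMAC tag."""
    pt = json.dumps(obj, sort_keys=True).encode()
    ct = bytes(a ^ b for a, b in zip(pt, _stream(key, len(pt))))
    return ct + hmac.new(key, ct, "sha256").digest()

def decrypt(key: bytes, blob: bytes) -> dict:
    """Verify the tag (wrong key or tampering raises), then unwrap."""
    ct, tag = blob[:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, ct, "sha256").digest()):
        raise ValueError("wrong key or tampered message")
    return json.loads(bytes(a ^ b for a, b in zip(ct, _stream(key, len(ct)))))

# Long-term secret keys (constructed).  Alice's is derived from her password
# in real Kerberos; the TGS and Bob each share theirs with the KAS/TGS.
K_ALICE, K_TGS, K_BOB = os.urandom(16), os.urandom(16), os.urandom(16)
TICKET_LIFETIME = 8 * 3600   # seconds
CLOCK_SKEW = 300             # authenticators older than this are rejected

def kas(msg1: dict) -> bytes:
    """Step 2: answer cleartext message 1 with a session key and a ticket,
    sealed under Alice's key; the ticket itself is sealed for the TGS."""
    sk_tgs = os.urandom(16)
    ticket = encrypt(K_TGS, {"client": msg1["id"], "sk": sk_tgs.hex(),
                             "expiry": msg1["expiry"]})
    return encrypt(K_ALICE, {"sk": sk_tgs.hex(), "ticket": ticket.hex(),
                             "nonce": msg1["nonce"]})

def tgs(msg3: dict) -> bytes:
    """Step 4: open the ticket, check the authenticator against it, then
    issue a session key and ticket for Bob, sealed under the Alice-TGS key."""
    t = decrypt(K_TGS, bytes.fromhex(msg3["ticket"]))
    sk_tgs = bytes.fromhex(t["sk"])
    auth = decrypt(sk_tgs, bytes.fromhex(msg3["authenticator"]))
    if auth["id"] != t["client"] or msg3["now"] > t["expiry"]:
        raise PermissionError("authenticator does not match ticket, or expired")
    sk_bob = os.urandom(16)
    ticket_b = encrypt(K_BOB, {"client": t["client"], "sk": sk_bob.hex(),
                               "expiry": min(msg3["expiry"], t["expiry"])})
    return encrypt(sk_tgs, {"sk": sk_bob.hex(), "ticket": ticket_b.hex(),
                            "nonce": msg3["nonce"]})

def bob(msg5: dict) -> bytes:
    """Steps 5-6: decrypt the ticket with Bob's own key, check expiry and
    time stamp, then echo the time stamp under the session key."""
    t = decrypt(K_BOB, bytes.fromhex(msg5["ticket"]))
    if msg5["now"] > t["expiry"]:
        raise PermissionError("ticket expired")
    sk = bytes.fromhex(t["sk"])
    auth = decrypt(sk, bytes.fromhex(msg5["authenticator"]))
    if auth["id"] != t["client"] or abs(msg5["now"] - auth["time"]) > CLOCK_SKEW:
        raise PermissionError("bad authenticator or stale time stamp")
    return encrypt(sk, {"time": auth["time"]})      # message 6

def alice_session(now: int) -> bool:
    """Drive messages 1-6 from Alice's side; True when Bob authenticates."""
    expiry = now + TICKET_LIFETIME
    msg1 = {"id": "alice", "tgs": "krbtgt", "expiry": expiry, "nonce": 1}  # cleartext
    m2 = decrypt(K_ALICE, kas(msg1))          # only Alice can open this
    if m2["nonce"] != msg1["nonce"]:
        raise ValueError("KAS reply is not for our request (replay?)")
    sk_tgs = bytes.fromhex(m2["sk"])
    msg3 = {"authenticator": encrypt(sk_tgs, {"id": "alice", "time": now}).hex(),
            "ticket": m2["ticket"], "expiry": expiry, "nonce": 2,
            "service": "bob", "now": now}
    m4 = decrypt(sk_tgs, tgs(msg3))
    if m4["nonce"] != msg3["nonce"]:
        raise ValueError("TGS reply is not for our request (replay?)")
    sk_bob = bytes.fromhex(m4["sk"])          # Bob's ticket stays sealed to Alice
    msg5 = {"ticket": m4["ticket"], "now": now,
            "authenticator": encrypt(sk_bob, {"id": "alice", "time": now}).hex()}
    m6 = decrypt(sk_bob, bob(msg5))
    return m6["time"] == now   # matching stamp: Bob holds K_BOB and the session key

if __name__ == "__main__":
    print("authenticated session established:", alice_session(now=1_000_000))
```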

Page 57

Distributed System Security Architecture

• Originally developed at DEC
• Several variations on the theme
• Uses credentials, certificates, and tokens
• Certificate entities
  – Certificate Authority (CA)
    • Issues certificates, can be off-line
  – Certificate Distribution Center (CDC)
    • Stores certificates, must be on-line for authentication

Page 58

DSSA: Before We Begin

• Users obtain digital certificates
  – Based on public key technology
  – Certificate contains user name, public key, name of the CA, expiry date, and other details that may be desired
  – Certificate purports to identify the user; this is attested to by the CA
  – Certificate binds public key to the user

Page 59

DSSA: Step One

• Alice asks the CDC for Bob’s certificate

(Diagram: CDC, Alice, Bob; message 1)

Page 60

DSSA: Step Two

• CDC sends Alice Bob’s certificate

(Diagram: CDC, Alice, Bob; messages 1, 2)

Page 61

DSSA: Step Three

• Alice verifies Bob’s public key, generates session key, sends authenticator + signed ticket + delegator to Bob

(Diagram: CDC, Alice, Bob; messages 1, 2, 3)

Page 62

DSSA: Step Four

• Bob asks CDC for Alice’s certificate

(Diagram: CDC, Alice, Bob; messages 1, 2, 3, 4)

Page 63

DSSA: Step Six

• Bob authenticates Alice’s public key using her certificate, retrieves session key, verifies times, etc., and sends Alice an authenticator

(Diagram: CDC, Alice, Bob; messages 1, 2, 3, 4, 5, 6)

Authenticated Session Now Established!

Page 64

Some Authentication Issues

• Certificate revocation list
• Time synchronization
• How do you trust the CA?
  – Digital notaries
• Standards
  – X.509 predominates, but not the only one (e.g., PGP)

Page 65

Personal Cryptographic Tokens

• Smart cards, loading keys, etc.
• How do you bind the user to the token?
  – If the token is stolen, I become you without hard binding
  – If the binding is too hard to use, the user won’t use it
• Other issues?

Page 66

Virtual Private Network

• Authenticated,
• encrypted,
• communications channel
• …across some kind of public network, such as the Internet, which is itself possibly not secure
• BUT..we don’t care if the public network is secure or not!

Page 67

VPN Prerequisites

• Each site must have a VPN-capable device at the network perimeter
• Each site must know the other site’s IP subnet addresses
• Both sites must agree on authentication
• Both sites must agree on encryption and exchange keys as needed

Page 68

VPN Example

Page 69

Adequate Encryption

• How sensitive is the data?
• How long must it be kept secret?
  – Work factor
• What is the impact of its compromise weighed against the cost of encryption (i.e. what is the cost/benefit ratio?)

Page 70

Summary

• Authentication is critical to achieving network security, and is harder because the user is at a distance from the computer
• Encryption is key to authentication
  – Symmetric
  – Asymmetric
• VPN’s provide a way to create a private “tunnel” through a public network
  – Not a panacea

Page 71

Homework - 1

1. Write an essay of 500-1000 words on the strengths and weaknesses of public key encryption.
2. Research the basic standards for public key encryption. What are they? Where can they be found?

Page 72

Homework - 2

3. Compare and contrast public and private key cryptography for achieving network security. How would you use private key crypto to distribute public keys?
4. Refer to Figure 10.5 of the text. Describe the passage of a packet from machine 192.168.1.23 to 192.168.3.3. Be specific as to what happens at boundaries.

Page 73

Homework - 3

5. Conduct your own research as to the availability and price of network sniffers for Windows-based computers. Do not run these on any network without written permission of the network administrator! What is your assessment of the security of your network based on your findings?

Page 74

Assignment for Next Week

• Plan for project teaming
• Next week’s topic: HTTP and All That Jazz!
