Page 1: Information Security Internet, Intranet, Extranet

Information Security: Internet, Intranet, Extranet

Prof. dr. P.M.E. De Bra

Department of Computing Science

Eindhoven University of Technology

Page 2: Information Security Internet, Intranet, Extranet

Parts / Topics / Issues
• Basics of Internet technology / organization
• Application of encryption in networks
• Principles of firewalls / virtual private networks
• Financial transactions over Internet
• Basics of World Wide Web technology
• Server-side security issues
• Client-side security issues
• Accessing databases through the Web

Page 3: Information Security Internet, Intranet, Extranet

What is Internet?
• A network of networks based on the TCP/IP protocols.
• A community of people who use and develop those networks.
• A collection of resources that can be reached from those networks.
Internet standards are defined in RFCs. An informal definition of Internet is RFC 1462: http://www.normos.org/ietf/rfc/rfc1462.txt

Page 4: Information Security Internet, Intranet, Extranet

Layered Internet protocols
• Hardware-level protocol (wire without protocol, Ethernet, X.25, ATM, ...).
• IP (the lowest-level Internet protocol).
• TCP, UDP, ICMP: TCP is used most and provides reliable connections.
• SMTP, FTP, Telnet, ...: application-level protocols (mostly on top of TCP/IP).
We look at 1) TCP, 2) IP, 3) UDP and ICMP, 4) application-level protocols, 5) Ethernet.

Page 5: Information Security Internet, Intranet, Extranet

Internet Basics: Addressing
• Every computer has a 32 bit (4 octet) address, e.g. 131.155.70.196. Addresses reveal something about the associated network:
– First octet 1..126: A networks, very large (up to 16,777,214 computers each). (Arpanet was one of these 126 networks.)
– First octet 128..191: B networks, maximum of 65,534 computers in each network.
– First octet 192..223: C networks, maximum of 254 computers in each.
– First octet 224..239 (class D) is used for multicast; 240..255 (class E) is reserved.
This "classful" scheme was replaced on Internet by CIDR (RFC 1519, 1993): a network is now any address prefix, written e.g. 131.155.0.0/16, and the first octet of an address no longer tells how large its network is.

Page 6: Information Security Internet, Intranet, Extranet

Internet Basics: Addressing
• Some addresses are never used on Internet (RFC 1918). They can be used behind firewalls on company Intranets:
– 10.0.0.0 to 10.255.255.255 (10.0.0.0/8) can be used for an A class Intranet.
– 172.16.0.0 to 172.31.255.255 (172.16.0.0/12) can be used for sixteen B class Intranets.
– 192.168.0.0 to 192.168.255.255 (192.168.0.0/16) can be used for 256 C class Intranets.
– First octet 127 is not used on Internet or Intranets: 127.0.0.0/8 is the "loopback" network on every machine (127.0.0.1 being the usual address).
Because these addresses are not routed on Internet, a datagram arriving from outside with such a source address is always forged and should be dropped at the border (see the exterior router of the screened subnet, later).
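A small classifier for the two addressing slides above, added here as an example (it is not part of the lecture notes): it derives the historical class from the leading bits of the first octet and tests RFC 1918 and loopback membership with an explicitly computed CIDR mask, so the 172.16.0.0/12 boundary (172.31.x is private, 172.32.x is not) is visible in the arithmetic. The sample addresses at the bottom are constructed for the demonstration.

```python
"""Classify IPv4 addresses: classful class, RFC 1918 private, loopback.
Added example, not from the lecture notes. Standard library only."""
import socket
import struct


def ip_to_int(ip: str) -> int:
    """Dotted-quad string -> 32-bit unsigned integer (network byte order)."""
    return struct.unpack("!I", socket.inet_aton(ip))[0]


def in_cidr(ip: str, cidr: str) -> bool:
    """True if ip lies inside the CIDR block; the mask is built from the prefix length."""
    net, bits = cidr.split("/")
    prefix = int(bits)
    mask = (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF
    return ip_to_int(ip) & mask == ip_to_int(net) & mask


# RFC 1918 private ranges (the lecture's "addresses never used on Internet").
PRIVATE = ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")
LOOPBACK = "127.0.0.0/8"


def classful(ip: str) -> str:
    """Historical class, decided by the leading bits of the first octet."""
    first = ip_to_int(ip) >> 24
    if first & 0x80 == 0:
        return "A"          # 0xxxxxxx: 0.0.0.0 - 127.255.255.255
    if first & 0xC0 == 0x80:
        return "B"          # 10xxxxxx: 128.0.0.0 - 191.255.255.255
    if first & 0xE0 == 0xC0:
        return "C"          # 110xxxxx: 192.0.0.0 - 223.255.255.255
    if first & 0xF0 == 0xE0:
        return "D"          # 1110xxxx: 224.0.0.0 - 239.255.255.255, multicast
    return "E"              # 1111xxxx: 240.0.0.0 - 255.255.255.255, reserved


def classify(ip: str) -> dict:
    """Class plus the two properties a border filter cares about."""
    return {
        "class": classful(ip),
        "private": any(in_cidr(ip, block) for block in PRIVATE),
        "loopback": in_cidr(ip, LOOPBACK),
    }


if __name__ == "__main__":
    # Constructed sample input: the lecture's example address plus boundary cases.
    for addr in ("131.155.70.196", "10.200.3.4", "172.16.5.1", "172.31.255.254",
                 "172.32.0.1", "127.0.0.1", "224.0.0.1"):
        print(addr, classify(addr))
```

The same checks can be done with the standard `ipaddress` module; the mask is spelled out here so that the /12 boundary the slide gets wrong can be followed by hand.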

Page 7: Information Security Internet, Intranet, Extranet

Internet Basics: TCP protocol
• Provides connections on top of the connectionless IP protocol, through the use of ports.
– A connection is defined by a source and destination IP address and a source and destination port. (The TCP header contains the ports, the IP header the IP addresses.)
– "Standard" servers "listen" on predefined (privileged) ports, with numbers below 1024. On Unix systems only processes running as root may listen on them.
– Clients use unprivileged ports (chosen by the operating system, above 1023).
– One computer can have many simultaneous connections to many other computers. All connections between a pair of computers must differ in the source or destination port number.

Page 8: Information Security Internet, Intranet, Extranet

Internet Basics: TCP protocol
• Data to be transmitted is divided into a sequence of segments (TCP's name for its datagrams).
– TCP software on both ends announces how large a segment may be (the maximum segment size); the sender uses the smaller value. Each segment consists of a header and data.
– Every byte of the stream gets a sequence number; a segment carries the number of its first byte. Received data is acknowledged by returning a segment with an acknowledgement number (the next byte expected).
– The acknowledgement contains a window size, indicating how many bytes beyond the acknowledged data may be sent before the sender has to stop.
– Every segment gets a checksum to verify that the contents have arrived correctly. This protects against accidental corruption only: whoever can alter a segment can also recompute its checksum, so integrity against an attacker needs cryptography (covered later).

Page 9: Information Security Internet, Intranet, Extranet

Internet Basics: IP
• IP sends datagrams from a source IP address to a destination IP address. (It may also split a datagram into fragments when a link cannot carry it whole.)
– Each datagram contains an IP header, with a checksum (of the header only).
– The header contains a protocol code to indicate whether it carries a TCP, UDP or ICMP datagram.
– Each datagram is routed separately.
– Some datagrams may arrive faster than others.
– Some datagrams may be lost. Each header has a time to live to indicate how much longer (number of hops) the datagram may live; every router decrements it and discards the datagram when it reaches zero.
IP does not check that the source address is genuine: a host can put any address in the header (see spoofing, below).
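The header checksum mentioned above, worked through as an added example (not part of the lecture notes): the block builds a 20-byte IPv4 header, computes the RFC 1071 one's-complement checksum, verifies it, and then shows the security limit of a checksum, namely that a single flipped bit is caught but a forged source address with a recomputed checksum verifies perfectly. The addresses are the lecture's own example hosts plus a constructed private address; nothing is sent on the network.

```python
"""IPv4 header checksum (RFC 1071): compute, verify, and show that it is not
an integrity protection against a deliberate change. Added example."""
import struct

PROTO_ICMP, PROTO_TCP, PROTO_UDP = 1, 6, 17


def internet_checksum(data: bytes) -> int:
    """One's-complement sum of 16-bit big-endian words, then one's complement."""
    if len(data) % 2:
        data += b"\x00"                       # odd length: pad with a zero byte
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                        # fold the carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_ipv4_header(src: bytes, dst: bytes, proto: int, payload_len: int, ttl: int = 64) -> bytes:
    """20-byte IPv4 header without options; the checksum field is filled in last."""
    ver_ihl = (4 << 4) | 5                    # version 4, header length 5 words
    total_len = 20 + payload_len
    ident, flags_frag = 0x1234, 0
    hdr = struct.pack("!BBHHHBBH4s4s", ver_ihl, 0, total_len, ident, flags_frag,
                      ttl, proto, 0, src, dst)
    csum = internet_checksum(hdr)             # computed with the field set to zero
    return hdr[:10] + struct.pack("!H", csum) + hdr[12:]


def header_ok(hdr: bytes) -> bool:
    """A received header verifies when the checksum over all 20 bytes is zero."""
    return internet_checksum(hdr) == 0


def demo():
    """Returns (genuine verifies, bit-flipped verifies, forged-and-recomputed verifies)."""
    src = bytes([131, 155, 71, 147])          # pcnov290 (from the SMTP example)
    dst = bytes([131, 155, 70, 196])          # the lecture's example address
    genuine = build_ipv4_header(src, dst, PROTO_TCP, payload_len=40)
    # 1) Accidental corruption: one bit of the TTL byte (offset 8) flipped in transit.
    damaged = genuine[:8] + bytes([genuine[8] ^ 0x01]) + genuine[9:]
    # 2) Deliberate spoofing: a different source address and a freshly computed checksum.
    forged = build_ipv4_header(bytes([10, 0, 0, 1]), dst, PROTO_TCP, payload_len=40)
    return header_ok(genuine), header_ok(damaged), header_ok(forged)


if __name__ == "__main__":
    print(demo())
```

The same routine is used for the TCP and UDP checksums (over a pseudo-header plus the segment), with the same consequence: a checksum detects line noise, never an adversary.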

Page 10: Information Security Internet, Intranet, Extranet

Internet Basics: Routing
• Routing is the task of finding how to get a datagram to its destination.
– Each machine can send datagrams directly to some other machines on a local network.
– Each machine knows a gateway machine it can send datagrams to.
– A gateway has connections to a number of networks and maintains a routing table of which connection to use for which destination.
– A gateway can respond to a datagram with "I'm not the best gateway for this destination" (an ICMP redirect), and the sender then updates its route. Such a message is not authenticated, so a host that accepts redirects from anyone can have its traffic steered through an attacker's machine.

Page 11: Information Security Internet, Intranet, Extranet

Internet Basics: Domain Names
• Most applications and users use domain names instead of IP numbers. A redundant hierarchy of name servers provides translation of names to numbers.
– Name to reach: pcnov290.win.tue.nl
– Ask a root server for an nl server.
– Ask a server for the nl domain for a tue server.
– Ask a server for the tue domain for a win server.
– Ask a server for the win domain for the address of pcnov290.
Applications trust the answer they get. The original DNS carries no authentication, so a forged reply (spoofing again) can send a connection to the wrong machine.

Page 12: Information Security Internet, Intranet, Extranet

Internet Basics: UDP and ICMP
• UDP: User Datagram Protocol
– Provides port numbers like TCP.
– Provides a checksum for header + data.
– Does not split data into separate datagrams.
– Does not put sequences of datagrams together.
– Does not keep track of lost datagrams for retransmission.
– Has no handshake, so a datagram with a forged source address is accepted as readily as a genuine one; UDP services (NFS, DNS) are therefore easier to spoof than TCP connections.
• ICMP: Internet Control Message Protocol
– Used for control messages (that fit into a single datagram).
– Interpreted by IP itself. There are no port numbers.

Page 13: Information Security Internet, Intranet, Extranet

Application level Protocols
• Many TCP/IP protocols are text-based so that humans can easily interpret them (and so can anyone snooping on the wire: the dialog below travels in clear text).
Example: mail dialog between client and server
svis01: 220 svis01.win.tue.nl ESMTP Sendmail 8.8.7/1.45 ready at Fri, 5 Feb 1999 23:28:31 +0100 (MET)
pcnov290: HELO pcnov290.win.tue.nl
svis01: 250 svis01.win.tue.nl Hello pcnov290 [131.155.71.147], pleased to meet you
pcnov290: MAIL From: [email protected]
svis01: 250 [email protected]... Sender ok
...

Page 14: Information Security Internet, Intranet, Extranet

Application level Protocols
• Telnet: allows logging in on any other computer on the network (on which you have an account). It requires an interactive login. (Username and password are transmitted without encryption, so anyone snooping on the path obtains them.)
• Rlogin: allows remote login as a specific user. It is possible to log in without a password, based on the client's host name (the .rhosts / hosts.equiv mechanism). Insecure: the trust rests on an IP address and a DNS name, both of which can be spoofed.
• Ssh: "secure shell", allows remote login over an encrypted channel, with or without password (public/private keys used between computers). The client must still check the server's public key the first time it connects; otherwise a man in the middle can present its own key.

Page 15: Information Security Internet, Intranet, Extranet

Application level Protocols
• Ftp: File Transfer Protocol. Used in anonymous mode to access public file servers, and with passwords to copy to and from machines. Ftp uses separate "channels" (TCP connections) for commands and for data transfer, which makes it awkward to pass through packet filters. Passwords are sent in clear text.
• Rcp: remote copy, allowed based on host name / user name combination. Insecure, for the same reason as rlogin.
• Scp: secure copy, allowed based on host name / user name combination and public/private key authentication. Uses the encrypted ssh channel to avoid snooping.

Page 16: Information Security Internet, Intranet, Extranet

Application level Protocols
• SMTP: Simple Mail Transfer Protocol
• NNTP: Network News Transfer Protocol
• RPC: there are different varieties of protocols for remote execution (remote shell, remote procedure call, etc.).
• NFS: Network File System. Introduced by Sun Microsystems. Uses UDP, not TCP (built on Sun RPC; later versions also run over TCP).
• Remote printing
• ...

Page 17: Information Security Internet, Intranet, Extranet

Ethernet
• Each Ethernet board has a unique 48 bit address. (The first 24 bits identify the vendor (the OUI); the remaining 24 bits are assigned by the vendor.) On most cards the address can be overridden in software, so it is unique only by convention.
• Every Ethernet packet (frame) contains a source address and a destination address.
• Every Ethernet packet contains a checksum (CRC) at the end.
• Ethernet interfaces automatically listen to packets with their address as destination. It is possible to cheat (to put the interface in "promiscuous mode" and listen to everything on the shared medium). Most operating systems restrict this to the administrator, and the other hosts on the segment cannot see that it is happening.

Page 18: Information Security Internet, Intranet, Extranet

Ethernet
• An ARP request is used to find out which Ethernet address corresponds to an IP number. The answer is cached and is not authenticated, so any host on the segment can answer (or send unsolicited replies) and claim an IP number that belongs to another machine.
• ARP is needed to talk to Internet hosts on the local Ethernet.
• (Local) Ethernet routers can block packets that originate from machines with an unknown Ethernet address. (It is easier to pretend to have a different IP number than to pretend to have a different Ethernet number, but since the latter is only a software setting on most cards, such a filter stops carelessness rather than a determined attacker.)
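The ARP weakness described above, and the spoofing threats on the following slides, as an added example that is not part of the lecture: the block packs and parses Ethernet/ARP frames by hand and runs a small detector that learns IP-to-MAC bindings from ARP traffic and raises an alert when a second MAC claims an IP number already bound to another (the classic man-in-the-middle setup on a LAN). The frames are constructed, not captured; the MAC addresses come from the 00:00:5E:00:53:xx documentation range and the network numbers are private ones.

```python
"""Parse Ethernet/ARP frames and flag ARP spoofing: a second MAC claiming an IP
that is already bound to a different MAC. Added example; frames are constructed."""
import struct
from collections import namedtuple

Arp = namedtuple("Arp", "eth_src eth_dst oper sha spa tha tpa")
ETHERTYPE_ARP, ARP_REQUEST, ARP_REPLY = 0x0806, 1, 2


def mac(s: str) -> bytes:
    return bytes.fromhex(s.replace(":", ""))


def ip(s: str) -> bytes:
    return bytes(int(o) for o in s.split("."))


def build_arp(eth_src, eth_dst, oper, sha, spa, tha, tpa) -> bytes:
    """Ethernet header (14 bytes) + ARP for IPv4-over-Ethernet (28 bytes)."""
    eth = struct.pack("!6s6sH", mac(eth_dst), mac(eth_src), ETHERTYPE_ARP)
    arp = struct.pack("!HHBBH6s4s6s4s", 1, 0x0800, 6, 4, oper,
                      mac(sha), ip(spa), mac(tha), ip(tpa))
    return eth + arp


def parse_arp(frame: bytes):
    """Return an Arp tuple, or None if the frame is not IPv4-over-Ethernet ARP."""
    if len(frame) < 42:
        return None
    eth_dst, eth_src, ethertype = struct.unpack("!6s6sH", frame[:14])
    if ethertype != ETHERTYPE_ARP:
        return None
    htype, ptype, hlen, plen, oper, sha, spa, tha, tpa = struct.unpack("!HHBBH6s4s6s4s", frame[14:42])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None
    fmt_mac = lambda b: ":".join("%02x" % x for x in b)
    fmt_ip = lambda b: ".".join(str(x) for x in b)
    return Arp(fmt_mac(eth_src), fmt_mac(eth_dst), oper,
               fmt_mac(sha), fmt_ip(spa), fmt_mac(tha), fmt_ip(tpa))


def detect_arp_spoofing(frames):
    """Learn IP->MAC bindings from ARP senders; report conflicting claims and
    frames whose Ethernet source differs from the ARP sender hardware address."""
    table, alerts = {}, []
    for frame in frames:
        a = parse_arp(frame)
        if a is None:
            continue                       # not ARP, or malformed: ignore here
        if a.eth_src != a.sha:
            alerts.append(("eth/arp mismatch", a.spa, a.eth_src, a.sha))
        known = table.get(a.spa)
        if known is None:
            table[a.spa] = a.sha           # first claim for this IP: learn it
        elif known != a.sha:
            alerts.append(("ip-mac conflict", a.spa, known, a.sha))
    return table, alerts


# Constructed traffic on 192.168.1.0/24: a genuine request/reply, then an
# unsolicited reply from a third machine claiming the gateway's IP number.
GATEWAY_MAC, VICTIM_MAC, ATTACKER_MAC = "00:00:5e:00:53:01", "00:00:5e:00:53:02", "00:00:5e:00:53:99"
SAMPLE_FRAMES = [
    build_arp(VICTIM_MAC, "ff:ff:ff:ff:ff:ff", ARP_REQUEST, VICTIM_MAC, "192.168.1.20",
              "00:00:00:00:00:00", "192.168.1.1"),
    build_arp(GATEWAY_MAC, VICTIM_MAC, ARP_REPLY, GATEWAY_MAC, "192.168.1.1",
              VICTIM_MAC, "192.168.1.20"),
    build_arp(ATTACKER_MAC, VICTIM_MAC, ARP_REPLY, ATTACKER_MAC, "192.168.1.1",
              VICTIM_MAC, "192.168.1.20"),
]

if __name__ == "__main__":
    bindings, found = detect_arp_spoofing(SAMPLE_FRAMES)
    print(bindings)
    for alert in found:
        print("ALERT", alert)
```

A real monitor would read frames from a promiscuous interface and age its table, but the decision logic is the same: the first binding seen wins, which also means the detector itself can be poisoned if the attacker speaks first, so static ARP entries for the gateway remain the stronger defence on small networks.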

Page 19: Information Security Internet, Intranet, Extranet

Internet security: Issues
• How to achieve secure (secret and reliable) communication over an insecure network. (Which encryption techniques fit which purpose.)
• How to prevent unauthorized access to services while allowing authorized access to other services.
• How to isolate a company network from Internet, while allowing the use of Internet by computers in the company.

Page 20: Information Security Internet, Intranet, Extranet

Internet communication threats
• Snooping: any computer on the path of a connection (and, on a shared Ethernet, any computer on the segment) can intercept passing datagrams. One can easily filter out the data belonging to a single connection, since a connection is identified by its addresses and ports.

Page 21: Information Security Internet, Intranet, Extranet

Internet communication threats
• Spoofing: a computer can pretend to be another one (by using the other's IP number) and thus steal its traffic. Nothing in IP prevents this; the real owner may be shut down or flooded first so that it cannot answer.

Page 22: Information Security Internet, Intranet, Extranet

Internet communication threats
• Spoofing: man-in-the-middle variation. The spoofing machine also talks to the "real" owner of the IP number and passes the traffic on, possibly modified, so that neither end notices the interception.

Page 23: Information Security Internet, Intranet, Extranet

Secure communication
• Four requirements:
– Confidentiality: others cannot eavesdrop on an information exchange.
– Integrity: the messages cannot be tampered with (without that being detected).
– Authenticity: the identity of the sender of a message can be verified (through a digital signature).
– Non-repudiation: there must be a record of the information exchange so that sender and receiver cannot deny that the exchange took place.

Page 24: Information Security Internet, Intranet, Extranet

Encryption Techniques
• Secret key encryption: two parties exchanging information need to know the same secret key. It is used for encryption and decryption of a message. The problem is getting that key to both parties without anyone else seeing it.
• Public key encryption: two keys work together, a public and a private key. A message encrypted with either key can be decrypted with the other key (this holds for RSA; other public-key systems have separate encryption and signature operations). One key is published, the other is kept secret. The remaining problem is knowing that a published key really belongs to the claimed owner (certificates, see SSL and S/MIME later).

Page 25: Information Security Internet, Intranet, Extranet

Encryption Standards
• DES: Data Encryption Standard, developed by IBM. (Certified by NIST as FIPS 46 (later 46-1 to 46-3), and also known as ANSI standard X3.92.)
– Uses 64-bit block size and 56-bit key (plus 8 parity bits).
– Symmetric cryptosystem, built around a 16 round Feistel cipher.
– Originally designed for implementation in hardware.
– Not approved for export outside the USA (at the time of these notes).
– DES can be broken by exhaustive search of the 2^56 keys: in 1998 a purpose-built machine of the Electronic Frontier Foundation found a key in about 56 hours, and DES has since been withdrawn as a standard in favour of AES.

Page 26: Information Security Internet, Intranet, Extranet

Encryption Standards
• Triple-DES: variation of DES where each block is encrypted three times. There are three variations:
– DES-EEE3: three DES encryptions with three different keys.
– DES-EDE3: encrypt, decrypt, encrypt with three different keys.
– DES-EEE2 and DES-EDE2: same as before but the first and third operations use the same key.
Multiple encryption does not necessarily make encryption harder to break. Encrypting twice with two independent 56-bit keys does not give 112-bit security: a "meet-in-the-middle" attack encrypts a known plaintext under all 2^56 first-stage keys, decrypts the matching ciphertext under all 2^56 second-stage keys, and looks for a value present in both tables, so the key pair is found in about 2^57 operations (at the cost of a very large table). Three stages are used because the same attack then still needs about 2^112 operations. EDE with K1 = K3 ("two-key Triple-DES") is what most standards mean by Triple-DES; with K1 = K2 = K3 the EDE construction reduces to single DES, which is why EDE rather than EEE was chosen: a Triple-DES implementation can also talk to plain DES peers. Triple-DES has itself since been deprecated (its 64-bit block is too small for modern traffic volumes); AES replaces it.

Page 27: Information Security Internet, Intranet, Extranet

Encryption Standards
• RC2: variable key-size block cipher (designed by Ron Rivest, leading to the name "Ron's Code" or "Rivest Cipher").
– Symmetric cryptosystem.
– Can be made more secure or less secure by using different key sizes.
– Uses a block size of 64 bits.
– Twice as fast as DES.
– Approved for US export with a 40-bit key. (A 40-bit key was already brute-forced within hours on ordinary workstations in the 1990s; "export strength" ciphers give no real confidentiality.)

Page 28: Information Security Internet, Intranet, Extranet

Encryption Standards
• RC4: variable key-size stream cipher with byte-oriented operations.
– Symmetric cryptosystem.
– Can be made more secure or less secure by using different key sizes.
– Can be implemented efficiently.
– Approved for US export with 40-bit keys.
– Stream cipher caveats: the keystream must never be reused with the same key (the XOR of two ciphertexts then reveals the XOR of the plaintexts), and flipping a ciphertext bit flips the corresponding plaintext bit, so RC4 needs a separate integrity check. Biases in its keystream have since led to its prohibition in TLS (RFC 7465).
• RC5: variable block-size, variable key-size, variable number of rounds. (Patented by RSA; the patent has since expired.)
– Symmetric cryptosystem.
– Can be implemented efficiently.

Page 29: Information Security Internet, Intranet, Extranet

Encryption Standards
• IDEA: (International Data Encryption Algorithm) is a 64 bit iterative block cipher with a 128 bit key.
– Symmetric cryptosystem.
– Can be implemented efficiently in hardware and software.
– Widely published about, and thus not subject to export restrictions. (It was, however, patented, which limited its use in free software; the patents have since expired.)

Page 30: Information Security Internet, Intranet, Extranet

Encryption Standards
• RSA: public-key cryptosystem. Used for encryption and for digital signatures:
– Asymmetric cryptosystem. Uses pairs of keys, one public, one private.
– At least 100 times slower than DES, thus not suitable for encrypting large messages or data streams. In practice RSA encrypts only a random session key, and a symmetric cipher under that key encrypts the data (a "hybrid" scheme; SSL and PGP both work this way).

Page 31: Information Security Internet, Intranet, Extranet

Encryption Standards
• Practical use of RSA (or other public-key cryptosystems): suppose A wishes to send a secret, signed message to B.
1. A applies a hash function to the message to create a message digest, a digital fingerprint of the message.
2. A encrypts the digest with her private key (this is the digital signature).
3. A encrypts the message and the signed digest with B's public key and sends that to B. (Because RSA is slow and can only encrypt a value smaller than its modulus, this step is in practice done with a fresh random session key: the session key is encrypted with B's public key and the message with a symmetric cipher under the session key.)
4. B decrypts the message and digest with B's private key.
5. B decrypts the digest with A's public key.
6. B performs the hash function on the message and compares it to the digest.
Steps 5 and 6 give B integrity and authenticity; only B can perform step 4, which gives confidentiality. A needs an authentic copy of B's public key and B one of A's: with a wrong public key the whole scheme fails silently.
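The six steps above, carried out end to end as an added example (not code from the lecture): A signs the SHA-256 digest with her private key and encrypts for B in the hybrid form of step 3, B unwraps the session key, decrypts, recovers A's digest and compares. The RSA here is the textbook operation on small (512-bit) keys with no padding, and the symmetric cipher is a stand-in built from SHA-256 in counter mode, both chosen only so the arithmetic stays visible in a few lines; a real system uses RSA-OAEP / RSA-PSS (or a dedicated signature scheme) and an authenticated block cipher. The demo message is constructed.

```python
"""Sign-then-encrypt with textbook RSA and a toy stream cipher: the lecture's
six-step exchange, added as a worked example. Python 3.8+ (pow with -1)."""
import hashlib
import os
import random


def is_probable_prime(n: int, rounds: int = 20) -> bool:
    """Miller-Rabin probable-prime test (error probability <= 4**-rounds)."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29):
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        a = random.randrange(2, n - 1)
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def gen_prime(bits: int) -> int:
    """Random odd candidate with the top bit set, retried until probably prime."""
    while True:
        cand = random.getrandbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(cand):
            return cand


def keygen(bits: int = 512):
    """Return (public, private) as ((n, e), (n, d))."""
    e = 65537
    while True:
        p, q = gen_prime(bits // 2), gen_prime(bits // 2)
        phi = (p - 1) * (q - 1)
        if p != q and phi % e != 0:
            return (p * q, e), (p * q, pow(e, -1, phi))


def rsa_apply(x: int, key) -> int:
    """Textbook RSA: x**exp mod n. Works only for x < n and has no padding."""
    n, exp = key
    assert 0 <= x < n
    return pow(x, exp, n)


def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Toy stream cipher standing in for DES/IDEA: SHA-256 in counter mode, XORed onto data."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out += bytes(b ^ k for b, k in zip(data[i:i + 32], block))
    return bytes(out)


def digest_int(message: bytes) -> int:
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def send(message: bytes, a_priv, b_pub):
    """Steps 1-3 as A: hash, sign the digest with A's private key, encrypt for B."""
    signature = rsa_apply(digest_int(message), a_priv)                 # steps 1 and 2
    session_key = os.urandom(32)                                       # step 3, hybrid form
    wrapped_key = rsa_apply(int.from_bytes(session_key, "big"), b_pub)
    ciphertext = keystream_xor(session_key, message)
    return wrapped_key, ciphertext, signature


def receive(packet, b_priv, a_pub):
    """Steps 4-6 as B: unwrap the session key, decrypt, recover A's digest, compare."""
    wrapped_key, ciphertext, signature = packet
    session_key = rsa_apply(wrapped_key, b_priv).to_bytes(32, "big")  # step 4
    message = keystream_xor(session_key, ciphertext)
    claimed = rsa_apply(signature, a_pub)                               # step 5
    return message, claimed == digest_int(message)                     # step 6


def demo():
    """Round trip, then a one-byte change in transit that step 6 must catch."""
    a_pub, a_priv = keygen()
    b_pub, b_priv = keygen()
    packet = send(b"Transfer 100 EUR to account 12345", a_priv, b_pub)  # constructed message
    message, ok = receive(packet, b_priv, a_pub)
    wrapped, ct, sig = packet
    tampered = (wrapped, bytes([ct[0] ^ 0x01]) + ct[1:], sig)
    _, ok_tampered = receive(tampered, b_priv, a_pub)
    return message, ok, ok_tampered


if __name__ == "__main__":
    print(demo())
```

Note what the tampering test shows: the stream cipher alone lets an attacker change the plaintext without being noticed (the bit flip decrypts cleanly); only the signature check in step 6 catches it. That is the reason confidentiality and integrity are listed as separate requirements on the slide before.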

Page 32: Information Security Internet, Intranet, Extranet

Secure Hash Functions
• SHA: Secure Hash Algorithm (NIST FIPS PUB 180; the 1995 revision FIPS 180-1 is SHA-1) produces a 160-bit message digest.
• MD2: hash algorithm for 8 bit machines.
• MD4, MD5: hash algorithms for 32 bit machines. They produce a 128-bit message digest.
A secure hash must make it infeasible to find two messages with the same digest (otherwise a signature on one is a signature on the other). MD4, MD5 and SHA-1 have all since been shown to fail this requirement and should not be used for signatures; the SHA-2 family (e.g. SHA-256) replaces them.

Page 33: Information Security Internet, Intranet, Extranet

Secure Sockets Layer
• Introduced by Netscape Communications to enable secure communication between a Web browser and servers. (Standardised by the IETF as TLS, RFC 2246, which is what current browsers speak.)
• Extra layer between application and TCP/IP.
• Is application independent. Applications see an (unencrypted) data channel.
• Performs
– Encryption of communication.
– Server validation.
– Optional client validation.

Page 34: Information Security Internet, Intranet, Extranet

Secure Sockets Layer
• Supported encryption techniques:
– RC2
– RC4
– IDEA
– DES
– Triple-DES
• Supported message digest technique:
– MD5
(This is the SSL 2.0 list; SSL 3.0 and TLS add SHA-1 and later AES. The 40-bit "export" variants of RC2 and RC4 should be disabled on any server.)

Page 35: Information Security Internet, Intranet, Extranet

Secure Sockets Layer
1. Client opens a channel to the server.
2. Server sends its certificate and cipher preferences.
3. Client generates a master key, encrypts it with the server's public key (taken from the certificate), and sends it to the server.
4. Server decrypts the master key, and authenticates itself by returning a message to the client, encrypted using the master key. (Only the holder of the private key belonging to the certificate could have obtained the master key.)
5. The server may send a challenge to the client.
6. The client authenticates itself by returning the client's digital signature on the challenge and its public key certificate.
Step 4 proves something only if the client has verified the certificate: signature of a trusted certification authority, validity period, and that the name in it matches the server the client meant to reach. Skip that check and a man in the middle can present any certificate. In this (SSL 2.0) handshake the cipher list of step 2 is also unprotected, so an attacker in the middle can downgrade both parties to the weakest cipher; SSL 3.0 and TLS fixed this by authenticating the handshake messages.

Page 36: Information Security Internet, Intranet, Extranet

Encryption at the IP level
• S/WAN (Secure Wide Area Network) promotes the deployment of Internet-based virtual private networks (VPNs).
– Standard specification for implementing IPsec.
– Works at a lower level (IP) than SSL, so it protects all traffic between the endpoints rather than one application's connection.
– S/WAN uses RC5 encryption with keys ranging from 40 to 128 bits.
– Protocol formats for Authentication Header and Encapsulating Security Payload are independent of the cryptographic algorithm.
– Host-to-host, subnet-to-subnet and host-to-subnet secure communication.

Page 37: Information Security Internet, Intranet, Extranet

Secure Shell
• Protocol for secure remote access from one computer to another.
– Can be used for secure login on a server, or for setting up a virtual private network.
– Ssh can be configured to forward X11 connections over the encrypted "tunnel".
– Other TCP/IP connections can also be tunneled through ssh to the server to give secure access to mail, web, file systems, ftp, etc.
– A forwarded port is also a way around a firewall: whoever may ssh to the bastion can reach whatever the bastion can reach, so port forwarding should be restricted in the server configuration.
– info: http://www.ssh.fi/

Page 38: Information Security Internet, Intranet, Extranet

Kerberos
• Authentication service, part of Project Athena at MIT.
– Uses secret key encryption (originally DES).
– Designed to authenticate requests for network resources, not authorship of documents.
– A server performs centralized key management. It contains the secret keys for all users. This creates a single point of failure, and of compromise: whoever reads that database can impersonate every user.
– Considered adequate for local networks or networks within one administrative domain.

Page 39: Information Security Internet, Intranet, Extranet

PGP: Pretty Good Privacy
• Software package that provides cryptographic routines for e-mail and file storage.
– Provides message encryption, digital signatures, data compression and e-mail compatibility.
– RSA and Diffie-Hellman (ElGamal) for key transport.
– CAST and Triple-DES for message encryption, under a random session key; the session key is what the public-key algorithm transports, as in the six-step scheme above.
– RSA or DSA for signing. (export restrictions!)
– MD5, RIPEMD-160 or SHA-1 for computing message digests.
– Compression with the deflate algorithm used by ZIP (applied before encryption, since encrypted data does not compress).
– Keys are not certified by a central authority; users sign each other's keys ("web of trust"), in contrast to the hierarchies used by S/MIME.

Page 40: Information Security Internet, Intranet, Extranet

S/MIME
• Secure/Multipurpose Internet Mail Extensions.
– Adds digital signatures and encryption to MIME. (MIME standards, see RFC 1521 and RFC 822.)
– Endorsed by many messaging vendors, including Microsoft, Lotus, Wollongong, Banyan, NCD, VeriSign, Netscape and Novell.
– Uses hierarchies of trusted third parties (certification authorities) to verify the authenticity of the keys provided by users (or servers).
– Secret key algorithms: DES, Triple-DES, RC2.
– Public key algorithm: RSA.

Page 41: Information Security Internet, Intranet, Extranet

Host (or Subnet) Security
• Any technical solution for security must be used as a means of implementing a chosen security policy:
– What are we protecting?
– How important is it?
– How likely is it that it will be attacked?
– What should happen if an attack is successful?
– What is permitted, by whom and for what purpose?
– What Internet connectivity is needed from the host or subnet?

Page 42: Information Security Internet, Intranet, Extranet

Firewalls: background
• A firewall provides security for an Intranet by controlling what can be communicated with Internet, and how. Firewalls cannot protect against:
– Attacks that do not go through the firewall (hand-carried tapes/disks, modem connections).
– Data-driven attacks: something (malicious) is uploaded or copied through a legitimate channel, and then executed.
– Denial of service attacks that overload the data connection between Intranet and Internet.
– Insiders, who are already on the protected side.

Page 43: Information Security Internet, Intranet, Extranet

Firewall architectures
• Approaches:
– packet filtering: allow only datagrams with certain properties to pass.
– proxy services: application-level gateways that forward requests and hide the Intranet.
• Architectures:
– dual-homed host: one host with two network interfaces, one for Intranet, one for Internet.
– screened host: packet filter combined with a bastion host providing gateway/proxy services.
– screened subnet: a perimeter network between an exterior and an interior packet filter, with the bastion host on it.

Page 44: Information Security Internet, Intranet, Extranet

Packet filtering (screening router)

Page 45: Information Security Internet, Intranet, Extranet

Packet filtering (screening router)
• Selectively blocks or lets through packets between the Intranet and Internet, based on:
– Source IP address
– Destination IP address
– Protocol (TCP, UDP)
– Source port
– Destination port
• For each combination one can configure the filter to allow or deny all values, certain ranges, or single values. Rules are examined in order and the first match decides; the last rule should deny everything not explicitly allowed.
• A filter sees only headers, so it cannot judge content (a telnet server on port 80 passes as "web"), and it must take the source address at face value, which can be forged. The interface a packet arrives on is therefore an important extra criterion.

Page 46: Information Security Internet, Intranet, Extranet

Proxy Services

Page 47: Information Security Internet, Intranet, Extranet

Proxy Services
• Specialized services (application-level gateways) take a request from an Intranet computer and forward it to Internet.
– Proxies are most useful when Intranet computers can only reach Internet through the proxy.
– Many applications can be configured to use proxies. SOCKS is a proxy construction toolkit used to modify clients for proxy operation.
– To the Internet hosts all Intranet requests appear to come from the proxy server. A proxy is sometimes used to hide where a request came from.
– Because a proxy understands the application protocol it can log and restrict individual commands (e.g. allow ftp GET but not PUT), which a packet filter cannot.

Page 48: Information Security Internet, Intranet, Extranet

Dual-Homed Hosts

Page 49: Information Security Internet, Intranet, Extranet

Dual-Homed (Bastion) Hosts
• Requires a host with two network interfaces.
– High level of control, but possibly also a high workload on the bastion host.
– All traffic must pass through the bastion host; IP forwarding between the two interfaces must be switched off, otherwise the host is merely a router.
– The bastion host offers proxy services.
– The IP addresses of the Intranet computers are invisible on Internet. Special ranges are reserved for this: 10.x, 172.16.x to 172.31.x, and 192.168.x.
– The bastion host should offer as few services as possible. It should not have user accounts.

Page 50: Information Security Internet, Intranet, Extranet

Screened Host

Page 51: Information Security Internet, Intranet, Extranet

Screened Host
• Requires a screening router and a bastion host.
– The router blocks all traffic to and from the Intranet except to and from the bastion host.
– The bastion host offers proxy services just like the dual-homed host, but needs no second network interface.
– Combination of router and bastion host may offer better protection than a dual-homed host.
– The bastion host sits on the internal network: once it is broken into, the attacker can snoop on and attack the Intranet directly, and the internal network remains vulnerable to denial of service attacks.

Page 52: Information Security Internet, Intranet, Extranet

Screened Subnet

Page 53: Information Security Internet, Intranet, Extranet

Screened Subnet
• Extra layer of security by adding a perimeter network.
– The vulnerable bastion host is isolated from the internal network.
– Prevents the possibility of snooping on the Intranet after breaking in to the bastion host.
– Services from bastion host to Internet may differ from services from bastion host to Intranet.
– There may be several hosts on the perimeter network: for e-mail, ftp server, WWW server, DNS server, etc.

Page 54: Information Security Internet, Intranet, Extranet

Screened Subnet
• Interior router:
– Allows selected services outbound to Internet, and only through the bastion host (proxies).
– Limits services between bastion host and Intranet (in case the bastion is broken into).
• Exterior router:
– Protects perimeter and Intranet.
– Allows most outbound services.
– Allows only the incoming and outgoing services needed by the bastion host.
– Blocks packets arriving from Internet with forged Intranet (or perimeter) source addresses. Only the exterior router can apply this check, since it alone knows on which interface a packet came in.
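The packet-filter criteria from the screening-router slide and the exterior-router policy just listed, combined into one added example (not code from the lecture): a stateless first-match filter with a default deny, configured with the exterior router's rules, namely drop anything from outside that claims an internal or perimeter source address, admit inbound only to the bastion's published services, and let the perimeter network out. Network numbers, the bastion address and the sample packets are constructed; the perimeter uses the TEST-NET-2 block 198.51.100.0/24 and the outside hosts are in TEST-NET-3.

```python
"""Stateless packet filter in the style of the screening-router slides,
configured as the exterior router of a screened subnet. Added example."""
import ipaddress
from collections import namedtuple

# A rule field of None means "any value"; dports is a set of destination ports.
Packet = namedtuple("Packet", "iface src dst proto sport dport")
Rule = namedtuple("Rule", "action iface src dst proto dports")


def match(rule: Rule, pkt: Packet) -> bool:
    """Every non-None field of the rule must match the packet."""
    if rule.iface is not None and rule.iface != pkt.iface:
        return False
    if rule.src is not None and ipaddress.ip_address(pkt.src) not in rule.src:
        return False
    if rule.dst is not None and ipaddress.ip_address(pkt.dst) not in rule.dst:
        return False
    if rule.proto is not None and rule.proto != pkt.proto:
        return False
    if rule.dports is not None and pkt.dport not in rule.dports:
        return False
    return True


def decide(rules, pkt: Packet, default: str = "deny") -> str:
    """First matching rule wins; unmatched traffic gets the default (deny)."""
    for rule in rules:
        if match(rule, pkt):
            return rule.action
    return default


INTRANET = ipaddress.ip_network("192.168.0.0/16")       # internal network (RFC 1918)
PERIMETER = ipaddress.ip_network("198.51.100.0/24")     # perimeter net (constructed)
BASTION = ipaddress.ip_network("198.51.100.10/32")      # bastion host (constructed)

# Interface "ext" faces Internet, "int" faces the perimeter network.
EXTERIOR_ROUTER = [
    # anti-spoofing: nothing from Internet may claim an internal or perimeter source
    Rule("deny", "ext", INTRANET, None, None, None),
    Rule("deny", "ext", PERIMETER, None, None, None),
    # inbound: only the bastion's published services (SMTP, HTTP)
    Rule("allow", "ext", None, BASTION, "tcp", {25, 80}),
    # outbound from the perimeter; the bastion proxies for the Intranet
    Rule("allow", "int", PERIMETER, None, None, None),
]

# Constructed sample traffic with the decision each packet should get.
SAMPLE = [
    Packet("ext", "203.0.113.7", "198.51.100.10", "tcp", 40000, 25),   # mail to bastion: allow
    Packet("ext", "203.0.113.7", "198.51.100.10", "tcp", 40001, 23),   # telnet to bastion: deny
    Packet("ext", "192.168.1.5", "198.51.100.10", "tcp", 40002, 25),   # forged internal src: deny
    Packet("ext", "203.0.113.7", "192.168.1.5", "tcp", 40003, 80),     # straight to Intranet: deny
    Packet("int", "198.51.100.10", "203.0.113.9", "tcp", 51000, 80),   # bastion browsing out: allow
]


def run(rules=EXTERIOR_ROUTER, packets=SAMPLE):
    return [decide(rules, p) for p in packets]


if __name__ == "__main__":
    for pkt, verdict in zip(SAMPLE, run()):
        print(verdict, pkt)
```

Being stateless, this filter cannot tell a reply from a fresh inbound connection (the slide's "allow outgoing" needs the returning packets as well); screening routers handled that with the TCP ACK bit, and modern firewalls keep connection state.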

Page 55: Information Security Internet, Intranet, Extranet

Variation: sub-Intranets

Page 56: Information Security Internet, Intranet, Extranet

Variation: sub-Intranets
• Firewalls can be used to protect parts of internal networks from each other.
– Test or demonstration networks with less security.
– Highly confidential networks with more security.
• Different configurations are possible, with more connections to Internet and between internal networks.

Page 57: Information Security Internet, Intranet, Extranet

Internet Tunneling: Extranets

Page 58: Information Security Internet, Intranet, Extranet

Internet Tunneling: Extranets

Page 59: Information Security Internet, Intranet, Extranet

Internet Tunneling: Extranets
• Encapsulating data in wrapper packets. Not only TCP/IP traffic can be tunneled, also Novell IPX or other protocols.
– Source and destination do not notice the tunneling. No modifications to applications.
– Encryption can be done for the whole group-to-group connection or on a point-to-point basis.
– PPTP (Point-to-Point Tunneling Protocol) is embedded in operating systems such as Windows 95 and Windows NT.
– There are many proprietary tunneling protocols.
– A tunnel extends the Intranet to the remote end: a compromised remote machine is then inside the firewall.

Page 60: Information Security Internet, Intranet, Extranet

Point to Point Tunneling Protocol
• PPTP was developed by Microsoft. It is aimed at dial-in connections using PPP.
– User access is first controlled through PAP (Password Authentication Protocol) or CHAP (Challenge Handshake Authentication Protocol).
– Each PPP packet is encrypted with 40-bit RC4 (MPPE). The encryption hides the inner addresses, so the network can read only the tunnel endpoints, not the original destination.
– The encrypted PPP packet is encapsulated within a GRE (Generic Routing Encapsulation) packet, whose outer IP header carries the tunnel endpoint addresses.
– Known weaknesses: PAP sends the password in clear, the RC4 key is derived from the user's password, the MS-CHAP challenge-response can be cracked offline, and 40 bits is far too short. PPTP should be regarded as obsolete in favour of IPsec or TLS-based VPNs.

Page 61: Information Security Internet, Intranet, Extranet

IPsec
• IPsec might be a successor/replacement for PPTP, and has much wider applications than just tunneling. It addresses authentication, integrity, access control and confidentiality.
– Supports a variety of encryption algorithms (including a standard set to be used in the global Internet).
– Uses two headers: AH (Authentication Header) and ESP (Encapsulating Security Payload).
– AH verifies that the data hasn't been altered.
– ESP encrypts the data so it remains confidential.

Page 62: Information Security Internet, Intranet, Extranet

IPsec (cont.)
• IPsec can be used to protect communication:
– between a pair of hosts (i.e. these hosts do the encryption and decryption and must be trusted);
– between a pair of security gateways (e.g. group-to-group tunneling between remote parts of an extranet);
– between a security gateway and a host (e.g. personal-to-group tunneling in an extranet).
• Each packet is afforded IPsec security, allowed to bypass IPsec, or discarded, according to the configured security policy.

Page 63: Information Security Internet, Intranet, Extranet

IPsec (cont.)
• The IP Authentication Header (AH):
– provides connectionless integrity;
– provides data origin authentication;
– provides (optional) anti-replay service (i.e. a form of sequence integrity).
• The Encapsulating Security Payload (ESP):
– provides confidentiality (encryption);
– provides (limited) traffic flow confidentiality;
– may also provide connectionless integrity, data origin authentication and an anti-replay service.
• AH and ESP can provide access control.
Encryption without integrity is unsafe (an attacker can modify ciphertext undetected), so ESP should always be used with its authentication option, or combined with AH.

Page 64: Information Security Internet, Intranet, Extranet

IPsec (cont.)
• The user can control granularity:
– A single encrypted tunnel can be used to carry all the traffic between two security gateways;
– A separate encrypted tunnel can be created for each TCP connection between each pair of hosts communicating through the gateways.
Note that SSL protects exactly one TCP connection, i.e. it works at the finest of these granularities; unlike IPsec it is set up by the application and protects only the application data, not the IP and TCP headers.

Page 65: Information Security Internet, Intranet, Extranet

Home Networks
• To connect several computers at home (consisting of PCs):
– The local LAN consists of Ethernet.
– Connection to the ISP through a modem or "fixed" network (cable modem, ISDN router, etc.).
– This effectively creates a dual-homed host.
– The internal network can use the 192.168 range.
– IP forwarding on the bastion host is needed only if its software translates the internal addresses (as "Internet sharing" packages do); with proxy services alone it should stay disabled, since 192.168 addresses are not routable on Internet and forwarding them would bypass the proxies.
– In the network "security" options you need to select TCP and UDP ports to enable/disable.
– You need to set up proxy services on the bastion.
– You need to configure the other PCs to use the proxies (e.g. through a package like Sygate).

Page 66: Information Security Internet, Intranet, Extranet

Interesting URLs
• Tutorial on TCP/IP: http://tecnet0.jcte.jcs.mil:9000/htdocs/utl/iis/tcp.txt.html
• Encryption-related info from RSA Labs: ftp://ftp.rsa.com/pub/labsfaq/labsfaq4.pdf
• Virtual Private Networks (student paper): http://amir.fullerton.edu/msis410/Projects/Group12/vpnpaper.htm
• Working group on IPsec: http://www.ietf.org/html.charters/ipsec-charter.html

