- 1. CPSC441 Security Module Internet Security
2. TYPESOFSECURITY 1. INTEGRITY AND PRIVACY OF
INFORMATION(SECURE DATA COMMUNICATION) SOLUTION: Electronic
transaction 2. LIMIT TO CONNECTIVITY SOLUTION: Various kinds of
Firewalls 3. NODE SECURITY SOLUTION: Anti-virus software 3. SUMMARY
OF SECURITY OPTIONS 1.SECURE COMMUNICATION: a) Secure Socket Layer
(SSL) b) Virtual Private Networks (VPN) c) Kerberos authentication
d) Special protocols (S/MIME, DNSsec) 2.LIMITING CONNECTIVITY a)
Packet filtering firewalls b) Proxy servers c) SOCKS servers d) NAT
routers LINUX includes Packet filtering and NAT routing as a part
of the Kernel software 3.NODE SECURITY Anti-virus software 4.
SECURE DATA COMMUNICATION Required by e-commerce Based on the
business transaction Current business transaction consist of:
I.Initial identification of the client(S.I.N.,
Passport,certificates)II. Transaction: a) Initial setup: 1. Client
selects and trustsserver (Bank etc.) 2. Sever verifies client, sets
account b) Transaction execution: 5. TRANSACTION EXECUTION - cont.
CLIENT: 1.HAS certificate 2. KNOWS account number 3. REQUESTS
transaction 4. CONFIRMS (signs) the request SERVER: 1.
AUTHENTICATES the client 2. PERFORMS the transaction 3. CONFIRMS
(signs) the transaction 4. GUARANTEES the confidentiality 6. E
-COMMERCE:NEEDED 1. CERTIFICATES 2. SERVER AUTHENTICATION 3. CLIENT
AUTHENTICATION 4. DIGITAL SIGNATURES 5. CONFIDENCIALITY OF THE
TRANSACTION Collectively known as SECURE COMMUNICATION Based on
ENCRYPTION techniques 7. Symmetric-Key Encryption
- T he same key is used for both encryption and decryption
- T he encryption key can be calculated from thedecryption key
and vice versa
8.
- Implementations can be highly efficient nosignificant time
delay
- P rovides a degree of authentication information encrypted with
one symmetric key cannot be decrypted with any other symmetric
key.
- E ffective only if the symmetric key is kept secret by the two
parties involved.
- P lays an important role in the SSL protocol, which is widely
used for authentication, tamper detection, and encryption over
TCP/IP networks.
-
- SSL also uses techniques of public-key encryption(next)
Symmetric-Key Encryption 9. Public-Key Encryption
- Patented by RSA Data Security (www.rsa.com)
- A lso called asymmetric encryption
- P air of keys--apublic keyand aprivate key
- Data encrypted with your public key can be decrypted onlywith
your private key P ublic keyispublished, and thecorresponding
private key is kept secret. (moreinfo in Certificates and
Authentication.)
10. Public-Key Encryption
- L ets you freely distribute a public key, and only you will be
able to read data encrypted using this key.
- T o send encrypted data to someone, you encrypt the data with
that person's public key, and the person receiving the encrypted
data decrypts it with the corresponding private key.
- Compared with symmetric-key encryption, public-key encryption
requires more computation and is therefore not always appropriate
for large amounts of data.
11. Public-Key Encryption
- I t's possible to use public-key encryption to send a symmetric
key, which can then be used to encrypt additional data. This is the
approach used by the SSL protocol.
- The reversealso works: data encrypted with your private key can
be decrypted only with your public key.
- This would not be a desirable way to encrypt sensitive data
:anyone with your public key( published ) , could decrypt the
data.
12.
- Digital signatures using public-key cryptography.
13.
- R ely on a mathematical function called aone-way hash(also
called amessage digest ).
- A one-way hash is a number of fixed length with the following
characteristics:
-
- The value of the hash is unique for the hashed data. Any change
in the data, even deleting or altering a single character, results
in a different value.
-
- The content of the hashed data cannot, for all practical
purposes, be deduced from the hash--which is why it is called
"one-way."
Digital Signatures 14. Digital Signatures 15. Digital
Signatures
- If the two hashes match, the recipient can be certain that the
public key used to decrypt the digital signature corresponds to the
private key used to create the digital signature.
- Confirming the identity of the signer, however, also requires
some way of confirming that the public key really belongs to a
particular person or other entity( Certificates and Authentication
)
16.
- S trength of encryption is related to the difficulty of
discovering the key, which in turn depends on both the cipher used
and the length of the key.
- Encryption strength is often described in terms of the size of
the keys used to perform the encryption
- I n general, longer keys provide stronger encryption.
Key Length and Encryption Strength 17.
- Different ciphers may require different key lengths to achieve
the same level of encryption strength
-
- Example:a 128-bit key for use with a symmetric-key encryption
cipher would provide stronger encryption than a 128-bit key for use
with the RSA public-key encryption cipher.
- L evel of strength may be vulnerable to attacks in the near
future.
Key Length and Encryption Strength 18. OVERVIEW OF CRYPTO
ALGORITHMS I.SYMETRICAL NameKey length (bits) Triple DES168(US
only) RC2, RC4128(US only) DES56(US only) RC2, RC440 (Export)
II.PUBLIC KEYRSA, Some others512 (equiv. to 64) III. HASHING (OWH)
MD5, Some others 19. One-Time Pads (Topic for Quantum Cryptography)
The use of a one-time pad for encryption and the possibility of
getting any possible plaintext from the ciphertext by the use of
some other pad. 20. A Certificate Identifies Someone or
Something
- Acertificateis an electronic document used to identify an
individual, a server, a company, or some other entity and to
associate that identity with a public key.
- AddressesImpersonation ( Information passes to a person who
poses as the intended recipient. )
- Certificate authorities (CAs)are entities that validate
identities and issue certificates
21. X.509
- The basic fields of an X.509 certificate.
22. Certificate authorities (CAs)
- B inds a particular public key to the name of the entity the
certificate identifies (such as the name of an employee or a
server).
- Only the public key certified by the certificate will work with
the corresponding private key possessed by the entity identified by
the certificate.
-
- the name of the entity it identifies, an expiration date, the
name of the CA that issued the certificate, a serial number, and
other information.
-
- the digital signature of the issuing CA.
23. CA HierarchiesIn large organizations, it may be appropriate
to delegate the responsibility for issuing certificates to several
different certificate authorities. 24. Types of Certificates
- Object-signing certificates
25. Client SSL certificates
- Used to identify clients to servers via SSL (client
authentication).
- Typically, the identity of the client is assumed to be the same
as the identity of a human being, such as an employee in an
enterprise.
- A bank gives a customer a client SSL certificate that allows
the bank's servers to identify that customer and authorize access
to the customer's accounts.
- A company might give a new employee a client SSL certificate
that allows the company's servers to identify that employee and
authorize access to the company's servers.
26. Server SSL certificates
- Used to identify servers to clients via SSL (server
authentication).
- Server authentication may be used with or without client
authentication.
- Internet sites that engage in electronic commerce (commonly
known ase-commerce ) usually support certificate-based server
authentication, at a minimum, to establish an encrypted SSL session
and to assure customers that they are dealing with a web site
identified with a particular company. The encrypted SSL session
ensures that personal information sent over the network, such as
credit card numbers, cannot easily be intercepted.
27.
- Used for signed and encrypted email.
- A single certificate may be used as both an S/MIME certificate
and an SSL certificate.
- A company deploys combined S/MIME and SSL certificates solely
for the purpose of authenticating employee identities, thus
permitting signed email and client SSL authentication but not
encrypted email.
- Another company issues S/MIME certificates solely for the
purpose of both signing and encrypting email that deals with
sensitive financial or legal matters.
S/MIME certificates 28. Object-signing certificates
- Used to identify signers of Java code, JavaScript scripts, or
other signed files.
- A software company signs software distributed over the Internet
to provide users with some assurance that the software is a
legitimate product of that company. Using certificates and digital
signatures in this manner can also make it possible for users to
identify and control the kind of access downloaded software has to
their computers.
29. CAcertificates
- Client and server software use CA certificates to determine
what other certificates can be trusted.
- The CA certificates stored in Communicator determine what other
certificates that copy of Communicator can authenticate. An
administrator can implement some aspects of corporate security
policies by controlling the CA certificates stored in each user's
copy of Communicator.
30. Authentication Confirms an Identity
- Client authenticationrefers to the confident identification of
a client by a server (that is, identification of the person assumed
to be using the client software).
- Server authenticationrefers to the confident identification of
a server by a client (that is, identification of the organization
assumed to be responsible for the server at a particular network
address).
31. T wo forms of client authentication:
- Password-Based Authentication.
- Certificate-Based Authentication
32.
- The user has already decided to trust the server, either
without authentication or on the basis of server authentication via
SSL.
- The user has requested a resource controlled by the
server.
- The server requires client authentication before permitting
access to the requested resource.
Password-Based Authentication 33.
- In response to an authentication request from the server, the
client displays a dialog box requesting the user's name and
password for that server. The user must supply a name and password
separately for each new server the user wishes to use during a work
session.
- The client sends the name and password across the network,
either in the clear or over an encrypted SSL connection.
- The server looks up the name and password in its local password
database and, if they match, accepts them as evidence
authenticating the user's identity.
- The server determines whether the identified user is permitted
to access the requested resource, and if so allows the client to
access it.
Password-Based Authentication 34.
- the user has already decided to trust the server and has
requested a resource, and that the server has requested client
authentication in the process of evaluating whether to grant access
to the requested resource.
Certificate -Based Authentication 35.
- The client software maintains a database of the private keys
that correspond to the public keys published in any certificates
issued for that client. The client asks for the password to this
database the first time the client needs to access it during a
given session
Certificate -Based Authentication 36.
- The client unlocks the private-key database, retrieves the
private key for the user's certificate, and uses that private key
to digitally sign some data that has been randomly generated for
this purpose .The digital signature can be created only with that
private key and can be validated with the corresponding public key
against the signed data, which is unique to the SSL session.
Certificate -Based Authentication 37.
- The client sends both the user's certificate and the evidence
(the randomly generated piece of data that has been digitally
signed) across the network.
Certificate -Based Authentication 38.
- The server uses the certificate and the evidence to
authenticate the user's identity(more on SSL)
Certificate -Based Authentication 39.
- The server may optionallyperform other authentication tasksto
evaluate whether the identified user is permitted to access the
requested resource.
Certificate -Based Authentication 40. Certificate-based
authentication is generally considered preferable to password-based
authentication because it is based on what the user has (the
private key) as well as what the user knows (the password that
protects the private key). 41.
- C ertificates replace the authentication portion of the
interactionbetween the client and the server.
- Instead of requiring a user to send passwords across thenetwork
throughout the day, single sign-on requires the user toenter the
private-key database password just once, withoutsending it across
the network. .
42. Authentication Using Kerberos
- The operation of Kerberos V4.
43. SECURE SOCKET LAYER (SSL) A PROTOCOL BETWEEN TCP/IP LAYER
AND APPLICATION LAYER ORIGINALY DESIGNED BY NETSCAPE PROVIDES
SECURE COMMUNICATION BASED ON ENCRYPTION TECHNIQUES BASIC
FUNCTIONALITY: I. AUTHENTICATES SERVER II. AUTHENTICATES CLIENT
(OPTION) III. ENCRYPTS THE MESSAGE USES PUBLIC KEY FOR AUTHENTICAT.
USES SYMETRICAL KEY FOR MESSAGE ENCRYPTION 44. SERVER
AUTHENTICATION - SSL I. SERVER: SENDS THE CERIFICATEAND DIGITAL
SIGGNITUREOF RANDOM DATA II. CLIENT: READS THE CERTIFICATE EXTRACTS
PUBLIC KEY VERIFIES THE FOLLOWING: 1. Date within valid period? 2.
Is CA a trusted CA? 3. Is certificate's Digital Signature valid? 4.
Is the server's Domain Name correct? 45. CLIENT AUTHENTICATION -
SSL ( OPTIONAL) I.SERVER REQUEST CLIENT'S CERTIFICATE II. CLIENT
SENDS:1.CERIFICATE 2. DIGITAL SIGNITURE OF RANDOM DATA KNOWN ONLY
TO CLIENT AND SERVER. III. SERVER PERFORMS THE SAME STEPS AS THE
CLIENT IN THE PREVIOUS CASE 46. SSL HANDSHAKE 1. CLIENT SENDS
"hello" MESSAGE CONSISTING OF: Some system info Cipher to be used
Random number 2. SERVER RESPONDS WITH A SIMILAR MESSAGE 3. SERVER
SENDS ITS CERTIFICATE AND OPTIONALLY REQUESTS CLIENT CERTIFICATE 4.
CLIENT AUTHENTICATES SERVER 5. OPTIONALLY, SERVER AUTHENTICATES
CLIENT 47. SSL HANDSHAKE - cont. 6. BOTH CLIENT AND SERVER GENERATE
THE SESSION SYMETRICAL KEY AND SEND MESSAGES THAT FURTHER
COMMUNICATION WILL BE ENCRYPTED 7. ENCRYPTED SSL SESSION BEGINS 48.
SSL- establishing connection 49. SSL Session State 50. SSL
Connection State 51. SSL Handshake Protocol 52.
OPENSSL(www.opens.org) FREE SOFTWARE PACKAGE AVAILABLE ON THE NET.
CONSISTS OF: opens COMMAND LINE UTILITY SSL LIBRARIES SOME
DOCUMENTATION CAN BE USED FOR: Making yourself CA Writing SSL
Client/Server programs Studying SSL code 53. OpenSSL
- Free library providing cryptographic functions
-
- its not the only one, alternatives: Crypto++ and Cryptlib of
Peter Guttman
- The important feature is the complete implementation of the
protocols SSLv2,SSLv3 and TLSv1
- The relevant specifications are at:
- SSLv2: http://www.netscape.com/eng/security/SSL_2.html
- SSLv3: http://home.netscape.com/eng/ssl3/index.html
- TLS (RFC 2246): http://www.ietf.org/rfc/rfc2246.txt
- HTTPS (RFC 2818): http://www.ietf.org/rfc/rfc2818.txt
54. VIRTUALPRIVATENETWORKS (VPN) 1. CONNECTS SECURE NETWORKS VIA
INTERNET (NAT protected networks are incompatible with VPN) 2. USES
TUNNELING TECHNIQUE TO CREATE A ILLUSION OF A PRIVATE LEASED LINE
3. IS IMPLEMENTED BY ENCRYPTION AND CERTIFICATION SIMILAR TO SSL 4.
BASED ON PROTOCOL CALLED IPSec 55. Virtual Private Networks (VPN)
56.
- Adds integrity checking, authentication, encryption and
protection to IP packets
- End-to-end security + secure tunnels between gateways
- Independent of current cryptographic algorithms
- Works for IPv4 and IPv6 (mandatory component)
The IP security architecture (IPsec) 57. COMPONENTSOFIPSec 1.
AUTHENTICATION HEADER (AH) Responsiblefor authentication2.
ENCAPSULATED SECURITY PAYLOAD (ESP) Responsiblefor encryption 3.
INTERNET KEY EXCHANGE (IKE) Responsible for the handshake to
establish the encrypted communication 58. IP security scenario 59.
IPsec 60. Transport Mode Tunneling Mode 61.
- En-route intermediate processing:
- Destination specified in the outer header (Ipsec firewall or
router) receives the tunneled packet, extracts the original packet,
and sends to the ultimate destination
- Tradeoff: Processing overhead / extra security
IP security architecture (IPsec) 62. The IP security
architecture (IPsec) Authentication Header (AH) AH verifies that
the data hasnt been altered. In transport modesome fields in the IP
header change en-route and their value cannot be predicted by the
receiver (mutable fields) Type of service, flags, fragment offset,
time to live, header checksum. Protection of mutable fields? Use
tunneling 63. The IP security architecture (IPsec) Authentication
Header (AH) 64. The IP security architecture (IPsec) Encapsulating
Security Payload (ESP) ESP encrypts the data so it remains
confidential. Provide integrity check, authentication, and
encryption to IP datagrams 65. The IP security architecture (IPsec)
Encapsulating Security Payload (ESP) Transport-level security 66.
The IP security architecture (IPsec) Encapsulating Security Payload
(ESP) A virtual private network via Tunnel Mode 67.
- Tunneling (encapsulation):
- Common in packet-switching networks
- Wrapping a packet in a new one:
-
- a new header is attached to the original packet
-
- Entire original packet becomes the payload of the new one
IP security architecture (IPsec) 68. IPsec
- The IPsec authentication header in transport mode for
IPv4.
69. IPsec
- (a)ESP in transport mode.(b)ESP in tunnel mode.
70.
- Supports automated negotiation of Security Associations and
automated generation and refresh of cryptographic keys
- The ability to perform these functions with little or no manual
configuration of machinescritical element to any enterprise-scale
IPsec deployment.
The Internet Key Exchange protocol (IKE framework) 71.
Authentication Based on a Shared Secret Key
- Two-way authentication using a challenge-response
protocol.
72. Authentication Using Kerberos
- The operation of Kerberos V4.
73.
- To protect a network against unauthorised access to a network,
network administrators can set up a firewall.
- A firewall is a component that is incorporated into the gateway
between the network and any external connections.
- The firewall examines incoming packets from outside the
network.Packets using the HTTP or SMTP protocols are allowed to
pass through because they are considered safe but packets using
other protocols are rejected.
Firewalls Our Network Gateway Rest of World 74.
- Firewalls can also be programmed tolimit accessto certain
machines and certain ports.This reduces the chance of malicious
people trying to tie up computer resources from outside the
network.
- They can also be programmed toreject packetsor if they come
from certain sources.This reduces the chance of spamming (unwanted
E-mails from third parties).
- Firewalls can also limit access from the network to the rest of
the world to prevent the downloading of programs that may contain
viruses or to stop employees from wasting time by surfing the
net.
Firewalls 75.
- Firewallsdo not inhibitthe internal operation of the
network.Nor do they completely prevent access to the outside
world.
- Furthermore, what access is allowed can bemonitoredby the
Firewall which can flag suspicious activity.
Firewalls 76.
- Firewalls cannot protect against:
-
- Attacks that do not go through the firewall(hand carried
tapes/disks, modem connections).
-
- Data-driven attacks: something (malicious) is uploaded or
copied through a legitimate channel, and then executed.
-
- Denial of service attacks that overload the data connection
between Intranet and Internet.
Firewalls 77. Firewalls packet filter:restrict IP addresses (
address filtering ), ports connection filter:only allow packets
belonging to authorized (TCP) connections Application
(proxy)gateway:Reissues the request on behalf of the client
NAT:network address (and port) translator arenotfirewalls, but can
prevent all incoming connections 78. Packet filtering (screening
router) FirewallsAllow only datagrams with certain properties to
pass. 79. Firewalls 80. 81. 82. Packet filtering
- Service level filtering - TCP/UDP protocols
- Source/Destination filtering - IP Packets
- Limitations: Cannot control the data within the packet
83. PACKET FILTERING Firewall has to distinguish between the
outgoing packets (not filtered) and incoming packets (filtered)
EXAMPLE ClientFirewallServer telnetrequest telnet response In this
situation the firewall must allow The response to go through Secure
network Untrusted network 84. PACKET FILTERINGEXAMPLE - CONT
ClientFirewallServer telnet request In this situation the firewall
must stop the packet Secure network Untrusted network 85.
- The client request is configured as follows:
- dest IP dest Port #source IP source Port #
- The server response will come as follows:
- dest IP Dest Port #source IP source Port #
- The firewall is configured such that itallows incomingpackets
with destination Port # > 1024 and blocks the other incoming
packets
86. PACKET FILTERINGEXAMPLE CONT Solution: 2. Client builds a
Transmission Control Block (TCB) describing the request. TCB
contains the following: Verification tags for client and server IP
addresses of client and server State of the connection etc. The
firewall is configured to allow only the incoming packets which
came as a response to the request. 87. Application level(Proxy)
- Accepts the request from the client
- Checks for the validity of the request
- Reissues the request to the server
- Provides higher level of control then filtering
- In general, client software has to be modified
88. Circuit level Gateway
- Allows or disallows all TCP/IP services according to the set of
rules
- Most of the firewall software provides some combination of all
3 functions