This action might not be possible to undo. Are you sure you want to continue?
Security (Cryptography) Basics
In this session, we are going to talk about basic security and cryptography concepts. These are the basic concepts that you need, to understand and implement security regardless of the platform or application architecture. For example, whether you are writing J2EE based application or not, you would need to understand these concepts.
Sang Shin email@example.com www.javapassion.com/j2ee
Technology Evangelist Sun Microsystems, Inc.
Disclaimer & Acknowledgments
Even though Sang Shin is a full-time employee of Sun Microsystems, the contents here are created as his own personal endeavor and thus does not reflect any official stance of Sun Microsystems. Sun Microsystems is not responsible for any inaccuracies in the contents. Acknowledgments
speaker noted (Sang) Things to do – Do add more slides on Certificates: “what are certificates?” “why certificatebased authentication over password challenge scheme” 4 4 . contents reorganized (Sang) 01/24/2003: version 3.02/28/2006 Revision History ? ? ? ? 05/26/1998: version 1. created (Sang) 01/22/2003: version 2.
we will talk about authentication and authorization security services. tamper-proofing (data integrity) and encrypting. Next. we will talk about what is network security and why we need network security. For example. digital signing. Next. we will talk about the security services which we will need to handle common security threats. which is the basic underlying technology for supporting all network security schemes. First. we will spend some time looking into various network security technologies and get some sense as to how they work. Next. 5 . Tamper-proofing & Encrypting Security (Cryptographic) technologies Key distribution and management – Kerberos. Next. Certificate 5 ? Security needs for E-commerce So this is what we are going to talk about in this 60 minutes session. we will look into key distribution and management issues. Secret key scheme Digital signing. Next. Finally I will talk about what unique challenges that e-commerce and b2b transactions will have to overcome regarding network security. Next. we will take a close look at three most important security schemes. we will briefly look at the cryptographic process.02/28/2006 Agenda ? ? ? ? ? ? ? What is and Why network security? What security services do we need? Cryptographic process Public key vs. we will talk about public key and secret key schemes and how they are used in the context of cryptographic process. We will take a look at Kerberos as the best key distribution technology for secret keys and Certificate based key distribution technology for public keys.
data. Even though non-network related security issues such as physical security and security policies are important security issues on their own. 6 . resource Physical security Stand-alone system security Personnel issues Policy issues 6 ? Will not cover ? ? ? ? The focus of this session is network security in a distributed computing environment.02/28/2006 Security/Cryptographic systems ? Focus of this talk ? ? ? Network security Distributed computing Protection of network-based apps. those topics will not be addressed in this talk. We are mainly concerned about how we protect network based applications. data and resources.
02/28/2006 What is and Why Network Security? 7 So let's talk about “what is network security?” and “why network security is important?” 7 .
it was rather easy to deal with security. the physical security model has lost its significance. as more and more computing devices are getting connected and more and more applications are being built as distributed applications. Now. The advent of the internet and the web has raised the scale and frequency of network security threats. that is when computing devices were running in their own islands. The only thing they needed to do was to lock the door. 8 .02/28/2006 Why Network Security? ? for Distributed computing – – Logical set of services distributed over the network Physical security model (mainframe model) does not work anymore Increase of security threat in terms of both scale and frequency More stringent security for E-commerce and B2B ? for Internet and Web – – 8 Why network security? When networks were not that pervasive.
9 . they could cause a lot of trouble for you. someone might be able to grab it from the network and use it elsewhere with the intention of perpetrating fraud. Masquerading. We all know what “denial of service” means. For example. They might capture your request of withdrawing 1000 dollars from your bank account and then replay that request over the network. you will want to make sure that person does not deny it after the transaction has been completed. If you send your username and password in clear-text form. When someone performs a transaction and then deny it later can be a big problem in e-commerce. If someone can read your credit card information while it is on the wire. if you are manufacturer of something and you received a 1 million dollar purchase request from a customer. Data interception and manipulation. Replay attack. Repudiation.02/28/2006 Common Security Threats ? ? ? ? ? ? Identity interception Masquerading Replay attack Data interception and manipulation Repudiation Denial of service 9 So what are the common security threats? Identity interception means that someone might steal your identity and use it as their own.
So what kind of network security services do we need to address these threats? 10 .02/28/2006 What Security Services Do we need? 10 We just looked at the most common network security threats.
The need for centralized and easy to use security administration tools is becoming apparent. applications and resources are getting connected over the network in a very dynamic environment. At the same time there is the need for security transparency. What this means is that the security should be hidden from end-users and seamlessly integrated into the underlying framework. For example. First. Interoperability among various security systems are becoming an important issue again due to the fact that more and more business organizations are interacting internally within their divisions and externally performing b2b transactions with their business partners. 11 . The single-sign-on capability is needed not only within the intranet but also over the internet. Kerberos ? Interoperable security systems – 11 Before we get into generic network security services let's take a look at security needs from a typical enterprise customer. business organizations. As more and more users. controlled access to corporation information and secure business transaction over the internet are still evolving. security management is becoming a daunting task. single-sign-on is just beginning to be addressed. Next. single sign on capability. easy to use security admin tools Transparency of security features – end users should not be exposed to the underlying security schemes Various PKI schemes.02/28/2006 Security Needs of an Enterprise ? Single sign-on – Internet and intranet ? ? ? ? Controlled access to corporate information Secure business transaction over Internet Centralized. But this could be a good list to have when we think about how network security will evolve. Not all of these needs are relevant to every situation and not all of these needs will be addressed by current technologies that we use.
sometimes referred to as authorization. can access that resource. from reading the data. access control. 12 . a business organization or even a program entity has performed a transaction. sometimes referred to as data privacy. Data confidentiality. Auditing refers to logging information about the transactions that have occurred. First. other than the person for whom the data is intended. basically ensures that only those with proper access privilege. Second. Non-repudiation means making sure that there is a way to prove that a person.02/28/2006 Network Security Needs ? ? ? ? ? ? Authentication (Identity verification) Access control (Authorization) Data confidentiality (Privacy) Data integrity (Tamper-proofing) Non-repudiation (Proof of transaction) Auditing 12 What are the common network security needs? You have heard these terms many times and you will hear them many more times today. for a resource. will prevent anyone. authentication provides a way of verifying a person's identity.
How is the authentication scheme implemented? In a non-networking environment you could show your driver license with your photo to prove your identity. Authentication prevents identity interception and masquerading. In a networking environment we use digital signing to accomplish that. your driver license. digital signing is used to perform identity verification 13 Schemes – – Let us talk about authentication in a bit more detail. software entity) is who he claims to be (or what it claims to be) Prevents Identity interception. 13 . Masquerading In a non-networking environment. could be used to prove that you are who you claim to be In a networking environment. Authentication is used to verify that the user (maybe an organization or a program entity) is who he claims to be.02/28/2006 Authentication ? Verification of identity – – ? Making sure that a user (organization. with a picture.
We will talk about pros and cons of each key scheme later on in this presentation. Data confidentiality means to protect the information while it is on the wire. 14 . symmetric) key” or “public (asymmetric) key” 14 Now we will talk about data confidentiality.02/28/2006 Data Confidentiality (Privacy) ? ? Protects the information on the wire from prying eyes Schemes – Encrypting data by Cryptographic system ? ? Clear text data + Key -> Encryption technology -> Cyphertext Key could be either “shared (secret. In order to provide confidentiality of your data you can encrypt the data using cryptographic technology. How do you encrypt your data? Basically you apply an encryption algorithm to your clear text data using an encryption key as a seed and the result is the encrypted data. The key you use could be either a public key or a secret key.
each file maintains its own access permissions.List of users and groups and their access rights in LDAP server XACML 15 ? Schemes – – Access control specifies who can access what resources under what context. 15 . ACL specifies what operations. A File system is an example of a resource maintaining its own the access control. Database service (access control information is maintained by resources themselves) ACLs. For example.02/28/2006 Access Control (Authorization) ? ? Specifies which who can access what resources under what context Access control information can be maintained by either directory service or the resources themselves – File service. The access control information can be maintained by the use of an external technology. a set of users or groups can perform on various resources. A popular access control scheme is to maintain an ACL (access control list). like directory service. or by the resources themselves.
That is. The scheme for data integrity is digital hashing. Message Digest) Usually this digital hash is used as base data for digital signing ? ? Schemes – – message digest can be a small fixed size of data regardless of the size of original data 16 Data integrity means to prevent data tampering while it is on the wire. 16 . One thing to note is that the message digest is used for digital signing.02/28/2006 Data Integrity (Tamper-proofing) ? Prevents data tampering while data is on the wire – Making sure data received by the receiver is the same data sent by the sender Digital hashing (Digital Checksum. Digital hashing is like creating a digital checksum and it is sometimes called message digest. to ensure that the data received by the receiver is the same as the one sent by the sender. It is sometimes called tamper-proofing.
in a non-networking environment. digital signing is used ? Schemes – – 17 Non repudiation means being able to prove to a 3rd-party that a transaction actually happened. In this case the proof could be in the form of a signed paper or voice recording. At the same time you will want to have a guarantee that your brokerage house cannot deny the fact that it received your transaction request. For example. when you purchase merchandise using your credit card.02/28/2006 Non-repudiation ? Being able to prove to a 3rd-party that a transaction actually happened – Protects senders as well as recipients In a non-networking environment. The non-repudiation protects both senders and receivers of the transaction request. In a networking environment we will use digital signing to prove this. later on. the retailer can prove that you made a purchase In a networking environment. let's say that you perform a stock transaction with your brokerage house and buy 1000 shares of Ford. Your brokerage house will want to make sure you cannot deny the fact. that you performed the transaction. 17 .
Now let's spend sometime talking about how cryptographic process works.
Encrypt, Encipher, Encode: the process of converting plaintext to ciphertext
Encryption algorithm: a particular mathematical procedure of encrypting/decrypting Key: information that is used to encrypt or decrypt information in a distinctive way
• Secret Key (Symmetric, Shared) • Public Key (Asymmetric)
Cryptography: mechanisms to protect information by applying “encryption” to it that are hard to reverse without secret knowledge
First, let's talk about the terminology. The process of converting plaintext into ciphertext is called encrypting, enciphering or encoding. In this context, the term “encrypting” refers to converting plaintext into ciphertext and is not referring to the process of providing data confidentiality. So the term “encryption” and “enciphering” are used interchangeably here. In order to understand the encryption process you have to understand two things encryption algorithm and encryption key. Encryption algorithm is a mathematical procedure to encrypt or decrypt data. Encryption key is information that is fed to the encryption algorithm. Depending on the key, the outcome of the encryption would be different. The key could be either a public/private key or a secret key.
M is the original message Kenc is encryption key Kdec is decryption key
Encryption function—E M' is the scrambled message Ciphertext—M' Kdec It is “hard” to get M just by knowing M' Decryption function—D
E and D are related such that E(Kenc, M) = M'
D(Kdec , M') = M D(Kdec , E(Kenc, M)) = M 20
So how does cryptographic process work? The idea is rather simple. Let's say you have plaintext M. By providing the encryption key and the encryption function you get ciphertext, M'. The ciphertext can be decrypted using a decryption function and a decryption key and the result is the original text. In cryptographic process the mathematical property is such that it is practically impossible to derive M from M' unless the key is known.
02/28/2006 Cryptographic technologies (based on Security layers) ? ? Link layer encryption Network layer encryption ? IPSEC. 21 . If the encryption is done at the transport layer. The most popular encryption scheme is SSL and it is implemented at the transport layer. PCT(Private Communication Technology) PEM (Privacy Enhanced Mail) PGP (Pretty Good Privacy) SHTTP 21 ? Transport layer ? ? Application layer ? ? ? Cryptographic process can be implemented at various layers starting from the link layer all the way up to the application layer. SKIP SSL. any application that is running on the top of the transport layer can be protected. VPN.
The understanding. of how public and secret keys work and how they can work together. is very important. 22 .02/28/2006 Public Key versus Secret key 22 Now let's talk about the public key and the secret key.
They provide different security services. 23 . The two key schemes are different in many respects. There are two prominent key schemes . These are the reasons why you would choose one key scheme over the other. Key lengths are also different. business organizations. However.public/private key scheme. As we will talk about later.02/28/2006 Cryptographic Technologies Secret key vs. with secret key. First. where there will be millions of people. Only public/private key scheme provide it. they are different in terms of how keys are managed and distributed. for confidentiality. even programs who want to communicate without having to make elaborate prior arrangements. Second. and secret key scheme. Suitability of the schemes when used with the internet is also an issue. you can use either public/private key or secret key scheme. In this case. you cannot provide authentication nor non-repudiation. encryption algorithms are different. For example. Encryption performance is different between the two schemes. you cannot use the secret key scheme alone because it is almost impossible to have a mechanism that can generate and distribute a commonly agreed secret key. Public key ? Key Management and distribution – Public key is easier to distribute than the secret key ? ? ? Encryption algorithms Key length Performance – Secret key scheme is much much faster Digital signing is only possible with public key Public key 23 ? Security services possible – ? Suitability to intranet or internet – We have seen in the previous slide that cryptographic technologies can be categorized based on which network layer it is designed for. secret key alone cannot be used over the internet. The other very important criteria is the key scheme they employ in their cryptographic process. In fact this is a very important issue to think about. Secret key based encryption is much much faster than public/private key scheme.
02/28/2006 Secret Key Encryption ? Sender and receiver share a secret key – Same secret key is used for both encryption and decryption Fast and efficient Secure distribution of keys is a problem: Not suitable for Internet ? Pros – ? Cons – 24 24 .
the other private – Only private key needs to be kept secret ? The pair of keys is produced by a mathematical algorithm – It’s impossible to determine the value of the private key by knowing the public key ? One key is used for encryption and the other is used for decryption 25 25 .02/28/2006 Public Key Encryption ? Uses a pair of keys: one public.
products support Slower than secret key encryption • It is much more demanding on computing resources Cons – – – Validation of public keys still needs to be done • Certificate Authority (CA) Revocation of a public key is difficult 26 26 .) ? Pros – Easier key management and distribution ? No need to distribute secret key: More suitable for internet – – ? Digital signing is possible Broader ISV.02/28/2006 Public Key Encryption (Cont.
digital signing Encryption of the user data Performance ? Public key – – ? Secret key – – 27 27 .02/28/2006 Public key and Secret key schemes are used together ? In real life the Public key and Secret key schemes are used in tandem – SSL is a good example Exchange of session specific secret keys (Session Key) Easy key distribution.
AES ? ? ? ? ? Cryptographic Key negotiation Architecture and encryption Basic are separate cryptography Best of both Export control approaches free Examples: SSL Signatures. etc. AES ? ? ? Encryption and decryption keys are the same Key distribution is an issue Private key cryptography is faster Examples: DES. very slow slowetc.02/28/2006 Comparison of Key Schemes Private Key Public Key Cryptography ? ? Secret Key ? Session Key ? ? ? ? ? ? ? ? Cryptographic Encryption and Architecture decryption keys are same Basic different cryptography Key distribution is easier Export control an issue free Public key Privatekey cryptography is Signatures. 28 28 . Digests. Digests. Examples: RSA DES.
Tamper-proofing & Encrypting 29 29 .02/28/2006 Digital Signing.
02/28/2006 Digital Signing ? ? ? Used for authentication (verifying an identity) and non-repudiation Uses public/private key pair Steps for digital signing – – – Sender creates message digest from the data Sender enciphers the message digest with his private key If receiver can decipher received message digest with the sender’s public key. the data must be from the sender 30 30 .
) 31 31 .02/28/2006 Encrypting ? ? ? Used for data confidentiality Can use either “public/private” key pair or secret (symmetric) key Steps for encrypting using “public/private” key pair – – Sender encrypts data with receiver's public key. Receiver then decrypts data with his private key. (Only he can decrypt it since only he knows his private key.
32 32 . then the data must not have been changed. If they match.02/28/2006 Tamper-Proofing (Integrity) ? Performed as part of digital signing – – – – Sender creates message digest from the data to be sent before signing Receiver deciphers the signed message digest that he received from the sender (as part of authentication) Receiver also creates his own message digest from the data it received Receiver then compares the one that he received with the one that he created and sees if they match.
02/28/2006 Security (Cryptographic) Technologies 33 33 .
02/28/2006 Encryption Technology Issues for both Secret and Public keys ? Encryption Strength ? ? ? Algorithm Key length Implementation ? Key distribution/management 34 34 .
02/28/2006 Secret-key encryption algorithms (Symmetric algorithms) ? ? ? DES (Data Encryption Standard) .56bit Triple DES-112bit IDEA (International Data Encryption Algorithm) ? ? ? 128bit key More complex (complete) than DES but the speed is comparable Used in PGP ? ? RC2 and RC4 Skipjack (Clipper) ? Two-master keys 35 35 .
02/28/2006 Public-key encryption algorithms (Asymmetric algorithms) ? Based on mathematical computations that are easy to compute in one direction but are practically impossible in the reverse direction ? ? Diffie-Hellman(DH): Exponentiation is easy but computing discrete logarithms from the resulting value is practically impossible RSA: Multiplication of two large prime numbers is easy but factoring the resulting product is practically impossible 36 36 .
(A power of X) for Alice and (A power of Y). it is impossible to guess private keys X and Y 37 37 . X & Y ? ? X is private key of Alice Y is private key of Bob – Each exponentiates the shared public data A with their private key. generates a public key ? ? (A power of X) is the public key for Alice (A power of Y) is the public key for Bob – From public key.02/28/2006 Diffie-Hellman (DH) algorithm ? ? Private key and Public key generation Example between Alice and Bob – Each generates random number (private key).
(A power of X) power of Y 38 38 . (A power of Y) Private key of himself. (A power of X) – Bob has ? ? – The common secret key can be computed if each exponentiate each other's public key with their private key and they are the same ? ? Alice .02/28/2006 Diffie-Hellman (DH) algorithm ? Generation of common secret key is possible – Alice has ? ? Private key of herself. Y Public key of Alice. X Public key of Bob.(A power of Y) power of X Bob .
data privacy and non-repudiation Most widely used public key encryption algorithm ? SSL. The Public key is N Foundation of PKCS (Public Key Cryptography Standards) ? ? Use of RSA and DES for strong authentication Sun. data integrity. Private key is computed from P and Q. PGP. RSA digital signatures ? ? P * Q = N. PEM.02/28/2006 RSA algorithm ? ? Used for authentication. Lotus endorsement 39 39 . Microsoft.
been broken yet RSA’s strength is based on the fact that it is not feasible. for all practical purposes. for all practical purposes. to factor numbers containing 150 or more digits 40 40 .02/28/2006 Encryption Algorithm strength ? ? Public key encryption has not.
02/28/2006 Key length ? ? Directly related encryption strength If encryption algorithm can’t be broken. the next best attack is to find the key by brute force – – Algorithms are well-published By “being broken”. I was referring to finding flaws in the algorithm ? Key’s protection rises exponentially with its length 41 41 .
) ? ? Keys in public key encryption are longer than ones in secret key encryption Secret key encryptions ? ? ? ? DES (56 bits) Triple DES (112 bits) Skipjack (80 bits) IDEA (128 bits) Minimum 512 bits (150 decimal digits) up to 2048 bits Requires serious computing power ? Public key encryptions ? ? 42 42 .02/28/2006 Key length (Cont.
02/28/2006 Performance ? Using public key to encrypt entire messages or files is not practical from performance perspective ? Public key encryption isn’t used to sign an entire message but rather only the message digest ? ? DES is 100 times faster than public key scheme using software and 1000 to 10. which is then used to encrypt actual data 43 43 .000 times faster using hardware This is the reason why public key is used to exchange the secret key.
Certificate) 44 We learned that an encryption key plays a very important role in cryptographic technology.02/28/2006 Key Management & Distribution (Kerberos. Now the question is how do we distribute and manage these keys? 44 .
managed and revoked How keys are distributed This is an issue to both secret and public key encryption systems – – Secret key: via Key Distribution Center (KDC). how do we distribute these keys? In fact. store and manage these keys? How do we revoke these keys? These are all important issues in order to have viable security infrastructure. For public key distributions the concept of a certificate is very imprint to understand how key distribution and management tasks are performed. First. Kerberos Public key: via Certificate (PKI) 45 Here is the list of issues that are relevant to key management and distribution. this is the key difference between secret key and public key schemes. 45 . The following technologies have been identified and successfully used to provide key distributions. how do we generate. Second. For secret key distributions people have been using Kerberos which uses a centralized key distribution server. stored.02/28/2006 Key Management & Distribution ? ? ? How keys are generated.
ANSI X9. Kerberos 46 46 . which is used for data encryption for a specific period of time and then generate a new secret key ? Key Distribution Center (KDC) .17.02/28/2006 Secret Key Management & Distribution Techniques ? Use public key encryption to exchange newly generated secret key – – Diffie-Hellman (DH) key exchange or Use RSA to send Secret key to the receiver ? Start out by using a previously agreed upon secret key – Immediately generate a new secret key.
02/28/2006 Key Distribution Center (KDC) ? ? ? No need for a pair-wise key for every pair of hosts Each principal has a master key for communicating with KDC Scenario .Alice talking to Bob securely ? ? ? ? ? ? Alice asks for Session key from KDC KDC uses random number generator to generate a fresh Session key KDC encrypts it with Alice’s and Bob’s master keys KDC sends the encrypted Session keys to Alice Alice sends the “encrypted Session key with Bob’s master key” to Bob 47 Now they have a common Session key 47 .
02/28/2006 Kerberos ? Authenticates the identity of network principals ? Strong authentication • • • • Username/Current-time/encryption initial contact “Shared secret key” between principals and KDC Passwords never on the wire Mutual authentication ? ? ? Single sign-on solution Cross-realm operation Delegation 48 48 .
) ? ? Holds a database of all principals and their master keys This database needs to be carefully protected ? ? Server needs to be physically secured The master keys in the database are all encrypted with the server’s own private master key Session key is kept in the encrypted “ticket-grantingticket” (TGT) Immune to server crash 49 ? Never maintains the session key internally ? ? 49 .02/28/2006 Kerberos (Cont.
02/28/2006 Kerberos drawbacks ? ? Each application needs to be kerberosized Single point(s) of Security risk/failure ? ? ? ? KDC system (OS. file system) itself must be secure Requires physically secure kerberos sever(s) KDC master key needs to be highly protected Potential performance bottleneck ? Kerberos v5 is not exportable (v4 is) 50 50 .
Certificate management/distribution ? ? There is no secret key distribution problem We still need a trusted 3 rd-party (CA) to validate public keys ? ? ? ? CA creates a Certificate for a certain user (Binding) Certificate contains the user’s public key and ids Public key is encrypted by CA’s private key (CA’s signature) Users then validate the Certificate by CA’s public key ? Certificates can be transmitted over insecure network and stored in insecure storage 51 51 .02/28/2006 Public key.
02/28/2006 Certificates 52 52 .
DNS. NIS. even plain files ? ? Certificate distribution Hierarchy of CA’s 53 53 .02/28/2006 Certificate Management issues (PKI Operations) ? ? ? ? ? Certificate generation Certificate lifetime management Certificate revocation (thorny issue) Certificate publishing Certificate storage ? Directory server. NIS+.
509 ? ? Principal name Public key ? PGP (Pretty Good Privacy) 54 54 .02/28/2006 Certificate formats ? X.
02/28/2006 Certificate distribution ? Transparent distribution ? Directory service • X. ISAKMP • SSL.509 • LDAP ? Key exchange • IPSEC key management protocols: SKIP. PCT ? Interactive distribution ? ? ? Email requests Web sites Finger requests 55 55 . X.500.
02/28/2006 Certificate Authority (CA) ? ? ? Generates certificates Signs certificates with its own private key CA structures ? Single centralized CA • Bottleneck • No flexibility to accommodate certificate policy ? ? Multiple Cas Hierarchy of CAs • Delegation of ‘certification generation” authority • Root CA signs certificates of next level CAs 56 56 .
02/28/2006 PEM and PGP CA model ? PEM (RFC 1422) ? ? ? ? ? One single global hierarchical structure The root CA is the Internet Policy Registration Authority(IPRA) The next level CA is the Policy Creation Authority(PRA) The next level has the organizational Cas Not much industry support Designed for individual users to authenticate each other 57 Each individual is his own CA ? PGP ? ? 57 .
02/28/2006 Server Authentication by Browser 58 58 .
The certificates of well-known CAs are preinstalled in every copy of browser You can add certificates of other CAs later on When the browser connects to a secure SSL server. For example. The browser then validates it using the public key of the well known CA of which it has prior knowledge Transparent operation to end users 59 59 . the server will send its certificate to the browser client.02/28/2006 Server authentication by Browser ? ? ? ? ? ? Server certificates are issued and signed by a commercial CA. Inc. Verisign.
02/28/2006 Cryptographic Technologies at the IP Layer 60 60 .
02/28/2006 Cryptographic technology types . SKIP SSL.Location within a system ? ? Link layer encryption Network layer (IP layer) encryption ? IPSEC. PCT(Private Communication Technology) PEM (Privacy Enhanced Mail) PGP (Pretty Good Privacy) SHTTP 61 ? Transport layer ? ? Application layer ? ? ? 61 . VPN.
02/28/2006 Requirements for IP layer security ? ? ? ? ? ? Cryptographic system designed specifically for TCP/IP Security services are between sites (or hosts) and not between individuals or apps Basis for VPN support Designed to work over public and insecure Internet Should accommodate existing TCP/IP apps Should accommodate existing Internet infrastructure – there should be no change in routers or ISPs 62 62 .
02/28/2006 IPSEC (IP Security Protocol) ? ? Originally was part of IPv6. but adapted to IPv4 Provides data integrity. data privacy services ? ? Authentication Header (AH): Digital checksum (MD5) Encapsulating Security Payload (ESP): Encryption (DES) ? Sender of IP packet specifies Security Association for each IP packet ? ? ? Specification of the crypto method to be used Keys to be used by the crypto methods IP addresses of the sender and the receiver 63 63 .
02/28/2006 IPSEC key management ? ? Manual keying Simple Key Interchange Protocol (SKIP) ? ? ? ? Developed by Sun for VPN (SunScreen) Designed for key exchange by special header Special header (20 to 30 bytes) for every IP packet Supports DH key exchange Management of Security Associations as well as key exchange Supports Oakley 64 ? ISAKMP ? ? 64 .
02/28/2006 Message Digest 65 65 .
66 . The properties of the message digest are as mentioned above in the slide.02/28/2006 MD (Message Digest) ? ? Calculating a checksum using mathematical algorithms Properties – – It is impossible to guess the original data from the message digest Regardless of the size of the original data the resulting message digest can be a fixed size ? This is the reason why it is used for digital signing – A change of a single bit in the original data will result in a different message digest ? Possibility of generating same message digest is practically non-existent 66 What is a Message digest? Message digest is a checksum of a particular data and is created using some proven mathematical algorithm.
MD5 (RFC 1320. 1321) ? ? 128-bit digest from messages of any length Developed by Ron Rivest 160-bit digest Developed by NIST More secure but slower than MD4 and MD5 ? SHA (Secure Hash Algorithm) ? ? ? 67 The most popular message digest standards are MD4 and MD5 and SHA (Secure hash algorithm).02/28/2006 MD (Message Digest) Standards ? MD4. 67 .
68 .02/28/2006 Security Needs for E-commerce 68 Now let's talk a little bit on security needs for e-commerce or b2b transaction over the internet.
First. 69 . Intranet ? ? ? ? Functional requirement ? Security requirements for internet-scale e-commerce and b2b transactions are more stringent than the ones for intranet because of some differences.02/28/2006 Secure Internet Communication ? Customer requirements ? ? ? E-commerce Business to business transaction Secure access to corporate data Millions of users with no prior contact Data over insecure communication channel No centralized controlling organization Has to be fast and reliable 69 ? Characteristics of Internet vs. the number of users. business organizations and even programs are communicating with their communicating partners typically without any previously established relationship and also there is no centralized organization controlling the use of the internet. over the internet.
02/28/2006 Passion! 70 70 .
This action might not be possible to undo. Are you sure you want to continue?
We've moved you to where you read on your other device.
Get the full title to continue reading from where you left off, or restart the preview.