Internet Security

Aspects of Security

Privacy
     

sender and receiver expect confidentiality transmitted message must make sense only the intended receiver to all others, message must be unintelligible Plaintext: to be encrypted at the sender Ciphertext: encrypted data and will be decrypted at the receiver Encryption/decryption methods:
 

secret-key method public-key method

Secret-key Encryption/Decryption

Same key is used by both parties -> key is shared <->symmetric encryption algorithms Algorithm used for decryption is the inverse of the algorithm used for encryption

Advantages & Disadvantages
 Advantages:
 

Take less time to encrypt a message Key is small -> used for long messages Each pair of users must have a secret key. N people -> need N(N-1)/2 secret keys. The distribution of the keys between two parties can be difficult -> Solution: using a third party KDC (Key Distribution Center) -> shares a key with both users

 Disadvantages:
 

Public Key Encryption
a

private key + a public key  Private key:
 

is kept by receiver (individual) is used to decrypt ciphertext

 Public
 

key:

is announced to the public is used to encrypt plaintext

Public Key Encryption

Advantages & Disadvantages

Advantages:

Each entity is independent and the pair of keys can be used to communicate with any other entity. The number of keys needed is reduced tremendously <-> N users -> 2N keys The complexity of algorithm <-> using the long keys takes a lot of time -> just efficient for short messages The association between an entity and its public key must be verified (certification) -> solution: CA – Certification Authority

Disadvantages:

CA – Certification Authority

certify the binding between a public key and the owner (by issuing a certificate) How?

CA combine a public key and information about an entity into one document then CA encrypts the document with its private key and sends it to everyone registered to that authority the registered users can use their public key to decrypt the certificate and find the public key of the entity.

Using the Combination
 Secret

key method: efficiency (long messages)  Public key method: easy distribution of keys  Combination:
 

Public key is used to encrypt the secret key Secret key is used to encrypt the message

Using the Combination

Digital Signature
 To

achieve authentication, integrity and non-repudiation  Two choices:
 

Signing the whole document Signing the Digest

Signing the Whole Document

Sender uses his private key to encrypt (sign) the message <-> his signature Receiver uses the public key of the sender to decrypt the message

Digital Signature can provide integrity, authentication and non-repudiation -> How?

Integrity:  If an intruder intercepts the message and partially or totally changes it -> the decrypted message would be unreadable Authentication:  If an intruder (X) sends a message pretending that it is coming from someone else (G)  He must use his own private key for encryption (private X)  Message is then decrypted with the public key of G will therefore be unreadable  Encryption with X’s private key and decryption with G’s public key results in garbage Non-repudiation:  If sender denies sending the message, his private key corresponding to his public key can be tested on the original plaintext.

 Digital

signature does not provide Privacy. If there is a need for privacy, another layer of encryption/decryption must be applied

Signing the Digest
 Using

public key to sign the entire message is very inefficient if message is very long -> signing a digest of the document instead of the whole document  Operations:

Sender creates a miniature version (digest) of the document and signs it Receiver then checks the signature on the miniature

Hash Function

To create a digest of the message -> using a hash function Hash function creates a fixed-size digest from a variable-length message

Hash Function
 Two
 

most common hash function:

MD5 (Message Digest 5): 120-bit digest SHA-1 (Secure Hash Algorithm 1): 160-bit digest

 Two

properties:

Hashing is one-way: the digest can only be created from the message, not vice versa One-to-one function: there is little probability that two messages will create the same digest

Signing the Digest – Operations at Sender site

After the digest has been created, it is encrypted (signed) using the sender’s private key The encrypted digest is attached to the original message and sent to receiver

Signing the Digest – Operations at Receiver site

Receiver receives the original message and the encrypted digest Using the same hash function to the message to create the second digest Decrypts the received digest using the public key of the sender, then compares it with the second digest

Digest is secure in terms of integrity, authentication and non-repudiation. But, what about the message itself?

Integrity:

Digest has not been changed and the digest is a replica of the message -> message has not been changed (NO two messages can create the same digest) If an intruder had initiated the message, the message would not created the same digest (NO two messages can create the same digest) Sender cannot deny the message since he cannot deny the digest

Authentication:

Non-repudiation:

Assignments (Course Project)
 Group1:

DES (Data Encryption Standard)  Group2: RSA (A Public Key Method)  Group3: MD5  Group4: SHA-1

Security in the Internet
 

Security measures can be applied to AL, TL, IPL App Layer:
 

each app is responsible for providing security simplest more complicated very complicated (security for both user apps and services to other protocols)

Trans Layer:

IP Layer:

Application Layer Security
 used

on Internet communication that involves only two parties  sender and receiver can agree to use the same protocol and to use any type of security services they desire  Two most common used protocols: PGP and SSH

PGP – Pretty Good Privacy
 Provides

all four aspects of security (Email)

Integrity, authentication, and non-repudiation: using Digital Signature (combination of hashing and public-key encryption) Privacy: using a combination of secret-key and public-key encryption 1 hash function, 1 secret key, 2 private-public key pairs

 Using:

PGP at the Sender site

PGP at the Receiver site

Transport Layer Security - TLS
 

Derived from SSL (Secure Socket Layer) For transactions on the Internet, a browser needs:

Customer needs to be sure that server belongs to the actual vendor, not an imposter -> authentication Customer needs to be sure that the contents of the message are not modified during transition -> integrity Customer needs to be sure that an imposter does not intercept sensitive information -> privacy so on…

Position of TLS

TLS = Handshake protocol + Data Exchange protocol

Handshake protocol: defines the exchange of a series of messages between browser and server.
  

negotiating security authenticating the server to browser defining other communication parameters (option) using the secret key to encrypt data secure and to encrypt the message digest for integrity details and specifications of algorithms is agreed upon during the handshake phase

Data Exchange protocol:

Handshake protocol
TLS version & references

Public key (certified by CA) encrypted with server public key

encrypted by secret key

• decrypts secret key using private key • decrypts message using secret key

encrypted by secret key

Security at the IP Layer IPSEC

 

providing security for a packet carried on the Internet NOT defining the use of any specific encryption or authentication method providing a framework and a mechanism leaving the selection of the encryption, authentication and hashing methods to the user Two protocols used at IP (network layer): Authentication Header (AH) and Encapsulating Security Payload (ESP).

Authentication Header - AH
 

providing Integrity: involves a digital signature using a hashing function Message digest (created by applying the hashing function) is included in AH header, and inserted between the IP header and transport layer data and header

AH Header Format
Length of AH Type of Payload carried by IP datagram

Security method

Result of applying a hash function to the entire IP datagram

Ordering information for a sequence of datagram

Addition of an AH header
1.

2.

3.

4.

An AH header is added to Payload with authentication data field set to 0 The AH header and Payload are hashed to create the authentication data The authentication data are inserted into the AH header The IP header is added after changing the value of the protocol field to 51

Encapsulating Security Payload - ESP

Privacy AH ESP No Yes

Integrity and message authentication Yes Yes

ESP Procedure
1. 2. 3. 4. 5. 6.

An ESP trailer is added to Payload The Payload and the trailer are encrypted The ESP header is added The ESP header, Payload, and the ESP trailer are used to create authentication data The authentication data are added at the end of the ESP trailer The IP header is added after changing the protocol value to 50

ESP – Format of Header and Trailer

Firewalls

A router installed between the internal network of an organization and the rest of the Internet. Forwarding some packets and filter others

Two types (based on specific purposes)
 

Packet-filter Firewall Proxy-based Firewall

Packet-Filter Firewall
 Forward

or block packets based on the information in:
network layer header: source, destination IP addresses transport layer header: source, destination Port addresses type of protocol (TCP or UDP)

 using

a Filtering Table to decide which packet must be discarded

Filtering Table

Proxy Firewall

Filter a message based on the information available in the message itself (at application layer)