Unit IV Security Requirements ICS

Unit IV
Security Requirements
Prof.Pranali G Chavhan,VIIT,Pune
IP Security (IPSec)
• IPSec is a framework of open standards
developed by the Internet Engineering Task
Force (IETF).
Creates secure, authenticated, reliable

communications over IP networks
IP Security Architecture
• IPSec documents:
– RFC 2401: An overview of security architecture
– RFC 2402: Description of a packet authentication
extension to IPv4 and IPv6
– RFC 2406: Description of a packet encryption
extension to IPv4 and IPv6
– RFC 2408: Specification of key management
capabilities
IPV6
IPV4
IPSec Security Protocols
• Authentication Header (AH)
• Encapsulating Security Payload (ESP)
IPSec Security Protocols
• Authentication Header (AH) provides:
- Connectionless integrity
- Data origin authentication
- Protection against replay attacks
• Encapsulating Security Payload (ESP) provides:
- Confidentiality (encryption)
- Connectionless integrity
- Data origin authentication
- Protection against reply attacks
• Both protocols may be used alone or applied in combination

with each other.
Encapsulated Security Payload (ESP)
• Must encrypt and/or authenticate in each
packet
• Encryption occurs before authentication
• Authentication is applied to data in the IPSec
header as well as the data contained as payload
IPSec Encapsulating Security Payload (ESP) in
Transport Mode
Orig IP Hdr TCP Hdr Data
Insert Append
Orig IP Hdr ESP Hdr TCP Hdr Data ESP Trailer ESP Auth
Usually encrypted
integrity hash coverage
SecParamIndex Seq# InitVector Keyed Hash
22-36 bytes total Padding PadLength NextHdr

ESP is IP protocol 50 Prof.Pranali G Chavhan,VIIT,Pune
IPSec ESP Tunnel Mode
IPHdr ESP Hdr IP Hdr TCP Hdr Data ESP Trailer ESP Auth
Usually encrypted
integrity hash coverage
New IP header with source & destination IP

address
Authentication Header (AH)
• Authentication is applied to the entire packet,
with the mutable fields in the IP header zeroed
out
• If both ESP and AH are applied to a packet,
AH follows ESP
IPSec Authentication Header (AH)
in Transport Mode
Insert
Orig IP Hdr AH Hdr TCP Hdr Data
Integrity hash coverage (except for mutable fields in IP hdr)
Next Hdr Payload Len Rsrv SecParamIndex Seq# Keyed Hash
AH is IP protocol 51 24 bytes total
© 2000 Microsoft Corporation
IPSec AH Tunnel Mode
IP Hdr AH Hdr Orig IP Hdr TCP Hdr Data
Integrity hash coverage (except for mutable new IP hdr fields)
New IP header with source &

destination IP address
ISAKMP-Internet Security Association and Key
Management Protocol
• RFC 2408
• Internet Security Association & Key Management Protocol
• Protocol
– Establish, modify, and delete SAs
– Negotiate crypto keys
• Procedures
– Authentication of peers
– Threat mitigation
ISAKMP
• Defines procedures and packet formats to deal with SAs

and keys
• Provides a framework for secure communication on the
Internet
• Does not specify algorithms, formats, or protocols
• ISAKMP is a framework in which a specific secure
communication definition can be implemented
ISAKMP
• Security Associations
• Authentication
• Public Key Cryptography
• Protection
• DoS – Anti-Clogging
• Hijacking a connection
• Man in the middle attacks
IISAKMP – Phases
• Phase 1: Two entities agree on how to protect further

negotiation traffic. They negotiate an ISAKMP SA for an
authenticated and secure channel
• Phase 2:The phase 1 secure channel is used to negotiate
security services for IPSec.
ISAKMP
Header
Initiator Cookie
Responder Cookie
Major Minor
Next Payload Version Version Exchange Type Flags
Message ID
Length
Oakley key determination protocol
• problems with basic DH:
– it is subject to a man-in-the-middle type attack
– it is vulnerable to a clogging attack
• attacker sends fake DH messages to a victim from a forged IP address
• victim starts performing modular exponentiations to compute a secret key
• victim can be blocked with useless work
• added security features of Oakley
– cookie exchange to thwart clogging attacks
• hash(src IP addr, dst IP addr, src UDP port, dst UDP port, local secret)
• local secret is periodically changed
– uses nonces to detect replay attacks
– authenticates the DH exchange to thwart man-in-the-middle attacks
• based on digital signatures, public key encryption, or symmetric key
encryption
– enables the parties to negotiate the global parameters of the DH exchange
(e.g., the prime p that defines the group and the generator g of the group)
• few predefined groupsProf.Pranali G Chavhan,VIIT,Pune
Virtual Private Networks (VPNs)
• Used to connect two private networks together via the Internet
• Used to connect remote users to a private network via the
Internet
• This could be done by opening your firewall to the LAN
networking protocols (NETBIOS, NFS NetWare, AppleTalk))
– But… it would also make those protocols available to any one on the
Internet and they could come into your LAN at will
– Effectively make the whole Internet your LAN
• Exposes all of your data
• Anyone can easily take advantage of vulnerabilities in your internal hosts
• No privacy
• Better solution is to use a VPN in conjunction with your
firewall
VPNs
• Since we all understand that IP is used to transport information
between LANs if we add some security stuff to IP then this
transport can be made more secure
• Can be done two ways:
– At the network level using IPSec
• Currently the most widely used method
– But requires special client installation on each workstation (more IT $)
– At the Transport level using SSL
• Quickly gaining popularity because there are no special software
installation requirements for end user workstations
– All that’s required is a browser with SSL support
» Mozilla
» Internet Explorer
» Netscape
» Opera
SSL Change Cipher Spec Protocol
• one of 3 SSL specific protocols which use the
SSL Record protocol
• a single message
• causes pending state to become current
• hence updating the cipher suite in use
SSL Alert Protocol
• conveys SSL-related alerts to peer entity
• severity
• warning or fatal
• specific alert
• unexpected message, bad record mac, decompression failure,
handshake failure, illegal parameter
• close notify, no certificate, bad certificate, unsupported certificate,
certificate revoked, certificate expired, certificate unknown
• compressed & encrypted like all SSL data
Web Security
Use your mentality

Wake up to reality
—From the song, "I've Got You under My
Skin“ by Cole Porter
Web Security
• Web now widely used by business,
government, individuals
• but Internet & Web are vulnerable
• have a variety of threats
– integrity
– confidentiality
– denial of service
– authentication
• need added security mechanisms
SSL Handshake Protocol
• allows server & client to:
– authenticate each other
– to negotiate encryption & MAC algorithms
– to negotiate cryptographic keys to be used
• comprises a series of messages in phases
– Establish Security Capabilities
– Server Authentication and Key Exchange
– Client Authentication and Key Exchange
– Finish
SSL Handshake Protocol
TLS (Transport Layer Security)
• IETF standard RFC 2246 similar to SSLv3
• with minor differences
– in record format version number
– uses HMAC for MAC
– a pseudo-random function expands secrets
– has additional alert codes
– some changes in supported ciphers
– changes in certificate negotiations
– changes in use of padding
Secure Electronic Transactions (SET)
• open encryption & security specification
• to protect Internet credit card transactions
• developed in 1996 by Mastercard, Visa etc
• not a payment system
• rather a set of security protocols & formats
– secure communications amongst parties
– trust from use of X.509v3 certificates
– privacy by restricted info to those who need it
SET Components
SET Transaction
1. customer opens account
2. customer receives a certificate
3. merchants have their own certificates
4. customer places an order
5. merchant is verified
6. order and payment are sent
7. merchant requests payment authorization
8. merchant confirms order
9. merchant provides goods or service
10. merchant requests payment
Dual Signature
• customer creates dual messages
– order information (OI) for merchant
– payment information (PI) for bank
• neither party needs details of other
• but must know they are linked
• use a dual signature for this
– signed concatenated hashes of OI & PI
Purchase Request – Customer
Purchase Request – Merchant
Purchase Request – Merchant
1. verifies cardholder certificates using CA sigs
2. verifies dual signature using customer's public
signature key to ensure order has not been tampered
with in transit & that it was signed using
cardholder's private signature key
3. processes order and forwards the payment
information to the payment gateway for
authorization (described later)
4. sends a purchase response to cardholder
Payment Gateway Authorization
1. verifies all certificates
2. decrypts digital envelope of authorization block to obtain
symmetric key & then decrypts authorization block
3. verifies merchant's signature on authorization block
4. decrypts digital envelope of payment block to obtain
symmetric key & then decrypts payment block
5. verifies dual signature on payment block
6. verifies that transaction ID received from merchant matches
that in PI received (indirectly) from customer
7. requests & receives an authorization from issuer
8. sends authorization response back to merchant
Payment Capture
• merchant sends payment gateway a payment
capture request
• gateway checks request
• then causes funds to be transferred to
merchants account
• notifies merchant using capture response
Electronic mail security
Pretty Good Privacy
• Philip R. Zimmerman is the creator of PGP.
• PGP provides a confidentiality and
authentication service that can be used for
electronic mail and file storage applications.
Why Is PGP Popular?
• It is availiable free on a variety of platforms.
• Based on well known algorithms.
• Wide range of applicability
• Not developed or controlled by governmental
or standards organizations
Operational Description
• Consist of five services:
– Authentication
– Confidentiality
– Compression
– E-mail compatibility
– Segmentation
Compression
• PGP compresses the message after applying
the signature but before encryption
• The placement of the compression algorithm is
critical.
• The compression algorithm used is ZIP
(described in appendix 5A)
Format of PGP Message
S/MIME
• Secure/Multipurpose Internet Mail Extension
• S/MIME will probably emerge as the industry
standard.
• PGP for personal e-mail security
Simple Mail Transfer Protocol (SMTP,
RFC 822)
• SMTP Limitations - Can not transmit, or has a problem
with:
– executable files, or other binary files (jpeg image)
– “national language” characters (non-ASCII)
– messages over a certain size
– ASCII to EBCDIC translation problems
– lines longer than a certain length (72 to 254 characters)
Header fields in MIME
• MIME-Version: Must be “1.0” -> RFC 2045, RFC 2046
• Content-Type: More types being added by developers
(application/word)
• Content-Transfer-Encoding: How message has been
encoded (radix-64)
• Content-ID: Unique identifying character string.
• Content Description: Needed when content is not readable
text (e.g.,mpeg)
S/MIME Functions
• Enveloped Data: Encrypted content and encrypted
session keys for recipients.
• Signed Data: Message Digest encrypted with private
key of “signer.”
• Clear-Signed Data: Signed but not encrypted.
• Signed and Enveloped Data: Various orderings for
encrypting and signing.
Secure Electronic Transactions
• An open encryption and security specification.
• Protect credit card transaction on the Internet.
• Companies involved:
– MasterCard, Visa, IBM, Microsoft, Netscape,
RSA, Terisa and Verisign
• Not a payment system.
• Set of security protocols and formats.
SET Services
• Provides a secure communication channel in a
transaction.
• Provides tust by the use of X.509v3 digital
certificates.
• Ensures privacy.
SET Overview
• Key Features of SET:
– Confidentiality of information
– Integrity of data
– Cardholder account authentication
– Merchant authentication
SET Participants
Sequence of events for transactions
1. The customer opens an account.
2. The customer receives a certificate.
3. Merchants have their own certificates.
4. The customer places an order.
5. The merchant is verified.
6. The order and payment are sent.
7. The merchant request payment authorization.
8. The merchant confirm the order.
9. The merchant provides the goods or service.
10. The merchant requests payments.

Unit IV Security Requirements ICS

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Unit IV Security Requirements ICS

Uploaded by

Copyright:

Available Formats

Unit IV

Creates secure, authenticated, reliable

• Both protocols may be used alone or applied in combination

Orig IP Hdr TCP Hdr Data

integrity hash coverage

SecParamIndex Seq# InitVector Keyed Hash

22-36 bytes total Padding PadLength NextHdr

Orig IP Hdr TCP Hdr Data

integrity hash coverage

New IP header with source & destination IP

Orig IP Hdr TCP Hdr Data

Integrity hash coverage (except for mutable fields in IP hdr)

Next Hdr Payload Len Rsrv SecParamIndex Seq# Keyed Hash

AH is IP protocol 51 24 bytes total

Orig IP Hdr TCP Hdr Data

IP Hdr AH Hdr Orig IP Hdr TCP Hdr Data

Integrity hash coverage (except for mutable new IP hdr fields)

New IP header with source &

• Defines procedures and packet formats to deal with SAs

• Phase 1: Two entities agree on how to protect further

Use your mentality

You might also like