Professional Documents
Culture Documents
Unit 5 Iss
Unit 5 Iss
Contents
5.1 PGP (Pretty Good Privacy)
5.2 PGP Services
5.3 PGP Message Generation
5.4 PGP Message Reception
5.5 What Security Problem
5.6 Internet Threats
5.7 Understanding TCP/IP
5.8 Security at Application Layer
5.9 Security at Data Link Layer
5.10 IP Security (IPSec)
5.11 IPSec Security Services
5.12 IPSec Modes of Operation
5.13 Tunnel Mode
5.14 IPSec Security Protocols
5.15 Strong Password Protocols
5.16 Lamport Hash
5.17 Encrypted key exchange
PGP (PRETTY GOOD PRIVACY)
Security of PGP
There are many known attacks against PGP.
Attacks against cryptoalgorithms are not the main threat
IDEA is considered strong, and while cryptoanalysis advances, it
should be strong still for some time.
RSA may or may not be strong. There are recent rumors of
possible fast factorization algorithms..
The main threats are much more simple.
PGP (PRETTY GOOD PRIVACY)
An attacker may socially engineer himself into a web of trust, or some trustable
person may change. Then he could falsify public keys. This breaks most of the
security.
PGP binaries can be corrupted when they are obtained.
The PGP binaries can be modified in the computer.
The passphrase can be obtained by a Trojan. Weak passphrases can be cracked.
On multiuser system, access to the secret key can be obtained.
PGP SERVICES
PGP use:
public keys for encrypting session keys / verifying
signatures.
private keys for decrypting session keys / creating signatures.
PGP
Alice wants to send confidential e-mail, m, to Bob.
KS
m .
K ()
S
KS(m ) KS(m )
KS( )
. m
+ Internet - KS
KS
+.
K ()
B + +
- .
KB ( )
KB(KS ) KB(KS )
+ -
KB
KB
Bob:
uses his private key to decrypt and recover KS
uses KS to decrypt KS(m) to recover m
PGP
- KA
+
KA
m .
H( )
-.
K ()
A
-
KA(H(m))
-
KA(H(m)) + .
KA ( )
H(m )
+ Internet - compare
m H( ). H(m )
m
PGP Algorithms
Symmetric encryption:
DES, 3DES, AES and others.
Public key encryption of session keys:
RSA or ElGamal.
Hashing:
SHA-1, MD-5 and others.
Signature:
RSA, DSS, ECDSA and others.
PGP
KS
m .
K ()
S
KS(m ) KS(m )
KS( )
. m
+ Internet - KS
KS
+.
K ()
B + +
- .
KB ( )
KB(KS ) KB(KS )
+ -
KB
KB
Alice:
generates random symmetric private key, KS.
encrypts message with KS (for efficiency)
also encrypts KS with Bob’s public key.
sends both KS(m) and KB(KS) to Bob.
PGP MESSAGE GENERATION
PGP MESSAGE RECEPTION
PGP (PRETTY GOOD PRIVACY)
Security of PGP
There are many known attacks against PGP.
Attacks against cryptoalgorithms are not the main threat
IDEA is considered strong, and while cryptoanalysis advances, it should be strong
still for some time.
RSA may or may not be strong. There are recent rumors of possible fast factorization
algorithms..
The main threats are much more simple.
PGP (PRETTY GOOD PRIVACY)
An attacker may socially engineer himself into a web of trust, or some trustable
person may change. Then he could falsify public keys. This breaks most of the
security.
PGP binaries can be corrupted when they are obtained.
The PGP binaries can be modified in the computer.
The passphrase can be obtained by a Trojan. Weak passphrases can be cracked.
On multiuser system, access to the secret key can be obtained.
WHAT SECURITY PROBLEM?
Public
Un-trusted
Unreliable IP networks
Data integrity
The contents of a packet can be accidentally or deliberately modified.
Identity spoofing
The origin of an IP packet can be forged.
Anti-reply attacks
Unauthorized data can be retransmitted.
Loss of privacy
The contents of a packet can be examined in transit.
UNDERSTANDING TCP/IP
Presentation Layer
SNMP
SMTP
HTTP
DNS
NFS
FTP
FTP
Session Layer
Network Layer IP
Original
Application Layer
Message
Implemented in end-hosts
Advantages
Extend application without involving operating system.
Application can understand the data and can provide the appropriate security.
Disadvantages
Security mechanisms have to be designed independently of each application.
SECURITY AT TRANSPORT LAYER
Implemented in end-hosts
Advantages
Existing applications get security seamlessly
Disadvantages
Protocol specific
SECURITY AT NETWORK LAYER
IP Security (IPSec)
Advantages
Provides seamless security to application and transport layers (ULPs).
Allows per flow or per connection security and thus allows for very fine-grained security control.
Disadvantages
More difficult to to exercise on a per user basis on a multi-user machine.
SECURITY AT DATA LINK LAYER
(Hardware encryption)
Need a dedicated link between host/routers.
Advantages
- Speed.
Disadvantages
Not scalable.
Need dedicated links.
IP SECURITY (IPSEC)
Connectionless integrity
Assurance that received traffic has not been
modified. Integrity includes anti-reply defenses.
Data origin authentication
Assurance that traffic is sent by legitimate party or parties.
Confidentiality (encryption)
Assurance that user’s traffic is not examined by non-authorized parties.
Access control
Prevention of unauthorized use of a resource.
IPSEC MODES OF OPERATION
protected
¨ Tunnel Mode: protect the entire IP payload
protected
TUNNEL MODE
Host-to-Network, Network-to-Network
Application Application
Layer Layer
Protected Protected
Transport Data Data Transport
Layer Layer
Internet
IP IP
Layer Layer
Host-to-Host
IPSec IPSec
IP Layer IP Layer
Data Link Layer Data Link Layer
Host A Host B
IPSEC SECURITY PROTOCOLS
Bob stores
Username Alice
int n
hn(password), h – one way function
Password generation:
Alice chooses a password.
Alice calculates hm(password) and sends it to Bob.
Bob initializes the database entry.
LAMPORT HASH
Protocol:
Alice
n
hn-1(pwd)
Alice’s Workstation Bob
Alice password
Bob checks:
Is h(Alice’s answer) = hn(password).
If yes, authenticate.
Then replace n with n-1 and store hn-1(password)
LAMPORT’S HASH
Alice Bob
Alice and Bob share a weak secret W = h(password)
Bob chooses a random b and a
Alice chooses a random challenge C1.
number a. She sends:
Alice, W{ga} He sends
W {gb, C1}
Both Bob and Alice use their knowledge of W to encrypt their mutual
messages. They both calculate K = gab.
Alice then proves her knowledge of W by her ability to calculate K. She also
picks a challenge C2 and sends K { C1, C2 } to Bob.
Bob encrypts this message and finds that Alice has solved his challenge C 1. Finally,
Bob authenticates himself to Alice. He proves his knowledge of W by his knowledge
of K, which he proves by being able to correctly encrypt Alice’s challenge C2. He
sends
ENCRYPTED KEY EXCHANGE
EK(CAlice, CBob)
EK(CAlice)
EKE: ENCRYPTED KEY EXCHANGE
Secure against eavesdropper because all data are undistinguishable
from random numbers. Eavesdropper cannot decide whether the g a,
gb are the correct decryption.
Secure against impersonation:
If treacherous Trudy impersonates Bob, she guesses a single value W in
the first exchange.
ENCRYPTED KEY EXCHANGE
EK(CAlice, CBob)
EK(CAlice)
SPEKE: SIMPLE PASSWORD EXPONENTIAL KEY EXCHANGE
Alice: "Alice", Wa
EK(CAlice, CBob)
EK(CAlice)
STRONG PASSWORDS: EKE
Mentioned at the end of the chapter are the companions to network security, the
virus, malware, and intrusion detection tools. These tools are used by the
network administration to prevent, detect, and respond to attacks by malware,
virus, and other intrusion attacks. Malware and viruses, when introduced to
internal systems are beyond the detection and protection of firewalls so are much
more dangerous to network integrity. These problems are detected by packet
monitoring systems that can detect the signatures of known intrusions. UALR,
for example, will ‘quarantine’ systems that generate packets containing known
problem signatures, thus preventing the spread of problems from an infected
host.