Chapter 18 Network Security

(1)

1

William Stallings

Data and Computer

Communications

Chapter 18

(2)

2

Security Requirements

 _{Confidentiality}  _Integrity

(3)

3

Passive Attacks

 _{Eavesdropping on transmissions}  _{To obtain information}

 _{Release of message contents}

 _{Outsider learns content of transmission}  _{Traffic analysis}

 _{By monitoring frequency and length of} messages, even encrypted, nature of communication may be guessed

(4)

4

Active Attacks

 _Masquerade

 _{Pretending to be a different entity}  _Replay

 _{Modification of messages}  _{Denial of service}

 _{Easy to detect}

(5)

5

(6)

6

(7)

7

Ingredients

 _{Plain text}

 _{Encryption algorithm}  _{Secret key}

 _{Cipher text}

(8)

8

Requirements for Security

 _{Strong encryption algorithm}

 _{Even if known, should not be able to} decrypt or work out key

 _{Even if a number of cipher texts are} available together with plain texts of them

 _{Sender and receiver must obtain secret} key securely

(9)

9

Attacking Encryption

 _{Crypt analysis}

 _{Relay on nature of algorithm plus some} knowledge of general characteristics of plain text

 _{Attempt to deduce plain text or key}  _{Brute force}

(10)

10

Algorithms

 _{Block cipher}

 _{Process plain text in fixed block sizes} producing block of cipher text of equal size

(11)

11

Data Encryption Standard

 _{US standard}

(12)

12

DES

(13)

13

(14)

14

Strength of DES

 _{Declared insecure in 1998}

 _{Electronic Frontier Foundation}  _{DES Cracker machine}

 _{DES now worthless}

(15)

15

Triple DEA

 _{ANSI X9.17 (1985)}

 _{Incorporated in DEA standard 1999}  _{Uses 3 keys and 3 executions of DEA}

algorithm

(16)

16

(17)

17

Link Encryption

 Each communication link equipped at both

ends

 _{All traffic secure}

 _{High level of security}

 _{Requires lots of encryption devices}

 _{Message must be decrypted at each switch}

to read address (virtual circuit number)

 _{Security vulnerable at switches}

(18)

18

End to End Encryption

 _{Encryption done at ends of system}

 _{Data in encrypted form crosses network} unaltered

 _{Destination shares key with source to} decrypt

 _{Host can only encrypt user data}

 _{Otherwise switching nodes could not} read header or route packet

 _{Traffic pattern not secure}

(19)

19

Key Distribution

 _{Key selected by A and delivered to B}

 _{Third party selects key and delivers to A} and B

 _{Use old key to encrypt and transmit new} key from A to B

(20)

20

(21)

21

Automatic Key Distribution

 _{Session Key}

 _{Used for duration of one logical connection}  _{Destroyed at end of session}

 _{Used for user data}  _{Permanent key}

 _{Used for distribution of keys}  _{Key distribution center}

 _{Determines which systems may communicate}  _{Provides one session key for that connection}  _{Front end processor}

(22)

22

Traffic Padding

 _{Produce cipher text continuously}

 _{If no plain text to encode, send random} data

(23)

23

Message Authentication

 _{Protection against active attacks}  _{Falsification of data}

 _{Eavesdropping}

 _{Message is authentic if it is genuine and} comes from the alleged source

 _{Authentication allows receiver to verify} that message is authentic

 _{Message has not altered}

(24)

24

Authentication Using Encryption

 _{Assumes sender and receiver are only} entities that know key

 _{Message includes:}

 _{error detection code}  _{sequence number}

(25)

25

Authentication Without Encryption

 _{Authentication tag generated and appended}

to each message

 _{Message not encrypted}

 _{Useful for:}

 _{Messages broadcast to multiple destinations}

 _{Have one destination responsible for}

authentication

 _{One side heavily loaded}

 _{Encryption adds to workload}

 _{Can authenticate random messages}

 _{Programs authenticated without encryption}

(26)

26

Message Authentication Code

 _{Generate authentication code based on} shared key and message

 _{Common key shared between A and B}

 _{If only sender and receiver know key and} code matches:

 _{Receiver assured message has not} altered

 _{Receiver assured message is from} alleged sender

(27)

27

(28)

28

One Way Hash Function

 _{Accepts variable size message and produces}

fixed size tag (message digest)

 _{Advantages of authentication without}

encryption

 _{Encryption is slow}

 _{Encryption hardware expensive}

 _{Encryption hardware optimized to large data}  _{Algorithms covered by patents}

 _{Algorithms subject to export controls (from}

(29)

29

(30)

30

Secure Hash Functions

 _{Hash function must have following} properties:

 _{Can be applied to any size data block}  _{Produce fixed length output}

 _{Easy to compute}

 _{Not feasible to reverse}

(31)

31

SHA-1

 _{Secure Hash Algorithm 1}

 _{Input message less than 2}64 bits  _{Processed in 512 bit blocks}

(32)

32

Public Key Encryption

 _{Based on mathematical algorithms}  _Asymmetric

 _{Use two separate keys}  _Ingredients

 _{Plain text}

 _{Encryption algorithm}  _{Public and private key}  _{Cipher text}

(33)

33

(34)

34

Public Key Encryption - Operation

 _{One key made public}  _{Used for encryption}  _{Other kept private}

 _{Used for decryption}

 _{Infeasible to determine decryption key} given encryption key and algorithm

(35)

35

Steps

 _{User generates pair of keys}

 _{User places one key in public domain}

 _{To send a message to user, encrypt using} public key

(36)

36

Digital Signature

 _{Sender encrypts message with their} private key

 _{Receiver can decrypt using sneders public} key

 _{This authenticates sender, who is only} person who has the matching key

(37)

37

(38)

38

(39)

39

IPv4 and IPv6 Security

 _IPSec

 _{Secure branch office connectivity over} Internet

 _{Secure remote access over Internet}  _{Extranet and intranet connectivity}

(40)

40

IPSec Scope

 _{Authentication header}

 _{Encapsulated security payload}  _{Key exchange}

(41)

41

Security Association

 _{One way relationship between sender and} receiver

 _{For two way, two associations are required}  _{Three SA identification parameters}

 _{Security parameter index}  _{IP destination address}

(42)

42

SA Parameters

 _{Sequence number counter}  _{Sequence counter overflow}  _{Anti-reply windows}

 _{AH information}  _{ESP information}

 _{Lifetime of this association}  _{IPSec protocol mode}

(43)

43

Transport and Tunnel Modes

 _{Transport mode}

 _{Protection for upper layer protocols}

 _{Extends to payload of IP packet}

 _{End to end between hosts}

 _{Tunnel mode}

 _{Protection for IP packet}

 _{Entire packet treated as payload for outer}

IP “packet”

 _{No routers examine inner packet}

 _{May have different source and destination}

address

(44)

44

(45)

45

Encapsulating Security Payload

 _ESP

(46)

46

(47)

47

(48)

48

Key Management

 _Manual

 _Automatic

 _{ISAKMP/Oakley}

 _{Oakley key determination protocol}

(49)

49