Cryptography and Network Security -W. Stalling (2nd Ed.)

(1)

2002-08-14 CNSLCNSL-CNSLCNSL---InternetInternetInternet-Internet---DongseoUniv.DongseoUniv.DongseoUniv.DongseoUniv. 1

Cryptography and Network Cryptography and Network Cryptography and Network Cryptography and Network

Security Security Security Security - - -

-W. Stalling (2nd Ed.) W. Stalling (2nd Ed.) W. Stalling (2nd Ed.) W. Stalling (2nd Ed.)

Hoon Hoon Hoon

Hoon- - - -Jae Jae Jae Lee Jae Lee Lee Lee CNSL CNSL CNSL CNSL

Cryptography and Network Security Lab.

Cryptography and Network Security Lab. Cryptography and Network Security Lab.

Cryptography and Network Security Lab.

hjlee hjlee hjlee hjlee hjlee hjlee hjlee

hjlee@ @ @ @ @dongseo @ @ @ dongseo dongseo dongseo dongseo dongseo dongseo.ac. dongseo .ac. .ac. .ac. .ac. .ac. .ac.kr .ac. kr kr kr kr kr kr kr

http://cg.dongseo.ac.kr/~hjlee

1.1 Attacks, Services, and Mechanisms

1.2 Security Attacks

1.3 Security Services

1.4 A Model for Network Security

1.5 Outline of this Book

1.6 Recommended Reading

Chap 1. Introduction

(2)

Three aspects of information security: Three aspects of information security: Three aspects of information security: Three aspects of information security:

¾Security attackSecurity attackSecurity attackSecurity attack: compromises the security of information : compromises the security of information : compromises the security of information : compromises the security of information owned by an organization

owned by an organization owned by an organization owned by an organization

¾Security MechanismSecurity MechanismSecurity MechanismSecurity Mechanism: is designed to detect, prevent, or : is designed to detect, prevent, or : is designed to detect, prevent, or : is designed to detect, prevent, or recover from a security attack

recover from a security attack recover from a security attack recover from a security attack

¾Security serviceSecurity serviceSecurity serviceSecurity service:::: enhances the security of the data enhances the security of the data enhances the security of the data enhances the security of the data processing systems and the information transfers of an processing systems and the information transfers of an processing systems and the information transfers of an processing systems and the information transfers of an organization

organization organization organization

1.1 Attacks, Services, and Mechanisms

Services: Services: Services: Services:

¾ConfidentialityConfidentialityConfidentialityConfidentiality: ensures that the information in a : ensures that the information in a : ensures that the information in a : ensures that the information in a computer system and transmitted information are computer system and transmitted information are computer system and transmitted information are computer system and transmitted information are accessible only for reading by authorized parties.

accessible only for reading by authorized parties.

¾AuthenticationAuthenticationAuthenticationAuthentication: ensures that the origin of a message or : ensures that the origin of a message or : ensures that the origin of a message or : ensures that the origin of a message or electronic document is correctly identified, with an electronic document is correctly identified, with an electronic document is correctly identified, with an electronic document is correctly identified, with an assurance that the identity is not false

assurance that the identity is not false assurance that the identity is not false assurance that the identity is not false

¾IntegrityIntegrityIntegrityIntegrity: ensures that only authorized parties are able to : ensures that only authorized parties are able to : ensures that only authorized parties are able to : ensures that only authorized parties are able to modify computer system assets and transmitted

modify computer system assets and transmitted modify computer system assets and transmitted modify computer system assets and transmitted information

information information information

¾NonNonNonNon----repudiationrepudiationrepudiationrepudiation: requires that neither the sender not the : requires that neither the sender not the : requires that neither the sender not the : requires that neither the sender not the receiver of a message be able to deny the transmission receiver of a message be able to deny the transmission receiver of a message be able to deny the transmission receiver of a message be able to deny the transmission

¾Access controlAccess controlAccess controlAccess control: requires that access to information : requires that access to information : requires that access to information : requires that access to information resources may be controlled by or for the target system resources may be controlled by or for the target system resources may be controlled by or for the target system resources may be controlled by or for the target system

¾AvailabilityAvailabilityAvailabilityAvailability: requires that computer system assets be : requires that computer system assets be : requires that computer system assets be : requires that computer system assets be available to authorized parties when needed

available to authorized parties when needed available to authorized parties when needed available to authorized parties when needed

1.1 Attacks, Services, and Mechanisms

(3)

1.2 Security Attacks (1)

1. Threats to security

3Interruption 3Interception 3Modification 3Fabrication

(4)

2. Methods of Attacks

3Ciphertext 3 Ciphertext Only Attack: Only Attack

Attacker has only the intercepted cryptogram.

3Known Plaintext Attack 3 Known Plaintext Attack:

Attacker knows plaintext equivalence of some ciphertext.

3Chosen Plaintext Attack 3 Chosen Plaintext Attack:

Attacker can obtain ciphertext equivalent to some plaintext selected by attacker.

1.3 Security Service (1)

1. Data Confidentiality

for the protection of data from unauthorized disclosure as described below

¾ Connection confidentiality

for the confidentiality of all (N)-user-data on an (N)-connection

¾ Connectionless confidentiality

for the confidentiality of all (N)-user-data in a single connectionless (N)-SDU

(5)

1.3 Security Service (2)

1. Data Confidentiality (cont’d)

¾ Selective field confidentiality

for the confidentiality of selected fields within the (n)-user-data on an (n)-connection or in a single connectionless (N)-SDU

¾ Traffic flow confidentiality

for the protection of the information which might be derived from observation of traffic flows

1.3 Security Service (3)

2. Authentication

¾ Peer entity authentication

9This service, when provided by the (N)-layer, provides corroboration to the (N+1)-entity that the peer entity is the claimed (N+1)-entity.

¾ Data origin authentication

9This service, when provided by the (N)-layer,

provides corroboration to an (N+1)-entity that

the source of the data is the claimed peer

(N+1)-entity.

(6)

1.3 Security Service (4)

3. Data integrity

These services counter active threats and may take one of the forms described below.

¾ Connection integrity with recovery

for the integrity of all (n)-user-data on an (n)- connection and detects any modification, insertion, deletion or replay of any data within an entire SDU sequence (with recovery attempted)

¾ Connection integrity without recovery

same as “connection integrity with recovery”but with no recovery attempted

¾ Selective field connection integrity

for the integrity of selected fields within the (n)-user data of an (N)-SDU transferred over a connection and takes the form of determination of whether the selected fields have been modified, inserted, deleted or replayed

¾ Connectionless integrity

provides integrity assurance to the requesting (n+1)- entity

¾ Selective field connectionless integrity

provides for the integrity of a single connectionless SDU and may take the form of determination of whether a received SDU has been modified

(7)

1.3 Security Service (6)

5. Non-repudiation

¾ Non-repudiation with proof of origin :

The recipient of data provide with proof of the origin of data.

¾ Non-repudiation with proof of delivery :

The sender of data is provided with proof of delivery of data.

6. Access Control

¾ provides protection against unauthorized use of resources

7. Availability

¾ requires that computer system assets be

available to authorized parties when needed

(8)

1.4 A Model for Network Security

Message Message

Secret information

Trusted third party (e.g., arbiter, distributer of secret data)

Principal Principal

Opponent Opponent Secret

information

Information channel

Security-related transformation

Security Mechanism (1)

1. Encipherment

can provide confidentiality of either data or traffic flow information and can play a part in or element a

number of other security mechanisms

2. Digital signature mechanisms

A) signing a data unit; and B) verifying a signed data unit

3. Access control mechanisms

determine and enforce the access rights of the entity

(9)

Security Mechanism (2)

4. Data integrity mechanisms

A) The integrity of a single data unit or field.

B) The integrity of a stream of data units or fields.

5. Authentication exchange mechanism

A) use of authentication information, such as passwords B) cryptographic techniques

C) use of characteristics and/or possessions of the entity

6. Traffic padding mechanism

to provide various levels of protection against traffic analysis

Security Mechanisms (3)

7. Routing control mechanism

¾ Routes can be chosen either dynamically or by prearrangement so as to use only physically secure sub-networks, relays or links.

8. Notarization mechanism

¾ The assurance is provided by a third party notary, which is trusted by the communicating entities, and which holds the necessary

information to provide the required assurance

in a testifiable manner.

(10)

Peer Entity Authentication Data Origin Authentication Access Control Service Connection Confidentiality Connectionless Confidentiality Selective Field Confidentiality Traffic Flow Confidentiality Connection Integrity with Recovery

Connection Integrity without Recovery

Selective Field Connection Integrity

Connectionless Integrity Selective Field Connectionless Integrity

Non-reputation. Origin Non-reputation. Derivery

Y Y . Y Y Y Y Y Y Y Y Y . .

Y Y . . . . . . . . Y Y Y Y

. . Y . . . . . . . . . . .

. . . . . . . Y Y Y Y Y Y Y

Y . . . . . . . . . . . . .

. . . . . . Y . . . . . . .

. . . Y Y . Y . . . . . . .

. . . . . . . . . . . . Y Y

Encip

herment Encip

herm ent

Digital Signature Digital Signature Digital Signature Digital Signature Acces

s Control Acces

s Control Data Integrity Data Integrity Data Integrity Data Integrity Authen

ticati on Exch

ange

Authen ticati

on Exch ange

Authen ticati

on Exch ange

Authen ticati

on Exch ange

Traffic Padding Traf

fic Padding Traffic Padding Traf

fic Padding Routing Control Ro

uting Control Ro

uting Control Notarization Notarization Notar

ization Notar

ization

Mechanism Mechanism Mechanism Mechanism

Service ServiceService Service

Security Mechanism (4)

• The mechanism is considered no to be appropriate Y Yes:the mechanism is considered to be appropriate, either on its own or in combination with other mechanisms.

Security ALGORITHMS (Ex.1)

Ciphertext Ciphertext

ENCRYPT DECRYPT

Plaintext

Secret Knowledge Plaintext

K1 K2

(11)

Security ALGORITHMS (Ex.2)

Key Key Symmetric

Key K1=K2 Asymmetric

Key K1≠K2

Typical Examples Typical Examples

DES (1975) IDEA (1987)

El-Gamal (1985) RSA (1985)

Block length: 64, Key length : 56 bits Block Cipher

Block length: 64, Key length : 64 bits Block Cipher

Public Key Cipher

Block and Key length variable

Cryptographic System (1)

C C

E D M M

M M

K1 K2

(12)

Cryptographic System (2)

E= Encryption Function D= Decryption Function M= Message

C= Ciphertext K1= Encryption Key K2= Decryption Key

Encryption C = E(M,K1)

Decryption M = D(C,K2)

Cryptography and Network Security -W. Stalling (2nd Ed.)

Cryptography and Network Cryptography and Network Cryptography and Network Cryptography and Network

 1.2 Security Attacks

1.1 Attacks, Services, and Mechanisms

1.1 Attacks, Services, and Mechanisms

1.3 Security Service (1)

1.3 Security Service (2)

2. Authentication

1.3 Security Service (4)

¾ Connection integrity without recovery

¾ Connectionless integrity

1.3 Security Service (6)

7. Availability

Principal Principal

A) signing a data unit; and B) verifying a signed data unit

 5. Authentication exchange mechanism

 8. Notarization mechanism

Security Mechanism (4)

Security ALGORITHMS (Ex.2)

Cryptographic System (2)

1.2 Security Attacks

2. Authentication

7. Availability

5. Authentication exchange mechanism

8. Notarization mechanism