Network Security Network security can be viewed as
Network Security • Network security can be viewed as a subset of information security. • Information security includes procedures associated with ‘non-data’ items (e. g. , physical paper, etc. ). • Our focus is network security such that we have confidence that information and services that are available on a network can not be accessed by unwanted users and can not be misused. • Chapter 32 of Comer identifies two fundamental techniques behind Internet security: • Perimeter security • Encryption • We want a slightly broader description of network security. Copyright 2011 Jim Martin 1
Network Security • Information Security for the Enterprise: n. Seventy percent (70%) of the respondents reported unauthorized use of their information systems. n. Seventy-four percent (74%) mentioned financial loss as a result of security breaches. n. Twenty-five percent (25%) observed system penetration from the outside. n. Twenty-seven percent (27%) reported Do. S attacks. n. Eighty-five percent (85%) noted computer viruses. n. Seventy-nine percent (79%) mentioned employee abuse of Internet access privileges (for example, downloading pornography or pirated software, or inappropriate use of e-mail systems). n. Seventy-one percent (71%) detected unauthorized access by insiders. Copyright 2011 Jim Martin 2
Network Security • Confidentiality: involves encrypting data to prevent eavesdropping • Integrity: ensures that data has not been tampered with in transit. • Availability: ensures resources (data, services, etc. ) are always available in a timely manner. • Authentication • Authorization • Intrusion Detection Copyright 2011 Jim Martin 3
Definitions • Computer Security - generic name for the collection of tools designed to protect data and to thwart hackers • Network Security - measures to protect data during their transmission • Internet Security - measures to protect data during their transmission over a collection of interconnected networks Copyright 2011 Jim Martin 4
Security Services (X. 800) • Authentication - assurance that the communicating entity is the one claimed • Access Control - prevention of the unauthorized use of a resource • Data Confidentiality –protection of data from unauthorized disclosure • Data Integrity - assurance that data received is as sent by an authorized entity • Non-Repudiation - protection against denial by one of the parties in a communication Copyright 2011 Jim Martin 5
Security Mechanisms (X. 800) • specific security mechanisms: – encipherment, digital signatures, access controls, data integrity, authentication exchange, traffic padding, routing control, notarization • pervasive security mechanisms: – trusted functionality, security labels, event detection, security audit trails, security recovery Copyright 2011 Jim Martin 6
Basic Terminology • • plaintext - the original message ciphertext - the coded message cipher - algorithm for transforming plaintext to ciphertext key - info used in cipher known only to sender/receiver encipher (encrypt) - converting plaintext to ciphertext decipher (decrypt) - recovering ciphertext from plaintext cryptography - study of encryption principles/methods cryptanalysis (codebreaking) - the study of principles/ methods of deciphering ciphertext without knowing key • cryptology - the field of both cryptography and cryptanalysis Copyright 2011 Jim Martin 7
Cryptographic Algorithms • Cryptography is the backbone of network security as it is used to provide (in part): confidentiality, authentication, integrity and nonrepudiation. • A cryptographic algorithm, aka a cipher, is the mathematical function used for encryption and decryption. • Restricted algorithm: if the security of the algorithm is based on keeping the algorithm secret. What is the problem with this? • Better approach : use a key algorithm. Copyright 2011 Jim Martin 8
Cryptography • can characterize by: – type of encryption operations used • substitution / transposition / product – number of keys used • single-key or private / two-key or public – way in which plaintext is processed • block / stream Copyright 2011 Jim Martin 9
Encryption/Decryption with Keys • A range of values for a key (K) is the keyspace. • Two classes: symmetric key and public key. • Symmetric algorithms have been around for many years. – Two building blocks: Substitution and transposition. Copyright 2011 Jim Martin 10
Classical Substitution Ciphers • where letters of plaintext are replaced by other letters or by numbers or symbols • or if plaintext is viewed as a sequence of bits, then substitution involves replacing plaintext bit patterns with ciphertext bit patterns Copyright 2011 Jim Martin 11
Caesar Cipher • • • earliest known substitution cipher by Julius Caesar first attested use in military affairs replaces each letter by 3 rd letter on example: meet me after the toga party PHHW PH DIWHU WKH WRJD SDUWB Copyright 2011 Jim Martin 12
Caesar Cipher • can define transformation as: a b c d e f g h i j k l m n o p q r s t u v w x y z D E F G H I J K L M N O P Q R S T U V W X Y Z A B C • mathematically give each letter a number a b c 0 1 2 n o 13 14 d e f 3 4 5 p q 15 16 g h i 6 7 8 r s 17 18 j k l m 9 10 11 12 t u v w x y Z 19 20 21 22 23 24 25 • then have Caesar cipher as: C = E(p) = (p + k) mod (26) p = D(C) = (C – k) mod (26) Copyright 2011 Jim Martin 13
Cryptanalysis of Caesar Cipher • If it is known that a given ciphertext is a Caeser cipher, brute-force cyrptanalysis is easy. – The encryption algorithms are known – There are only 25 keys – The language of the plaintext is known and easily recognized Copyright 2011 Jim Martin 14
Modern Symmetric Key Algorithms • Aka conventional algorithms. • Stream algorithms: operate on data a bit or an octet at a time. • Block algorithms: operate on data a block at a time (e. g. , 64 bit block size). • Tradeoff: speed versus robust security – Both sides require the same key. – The secret is defined by the key and not the algorithm. Copyright 2011 Jim Martin 15
DES: Data Encryption Standard • • Developed in 1970’s by IBM. Block algorithm, 64 -bit block size 56 -bit key 64 bits of cleartext go through mutliple ‘rounds’ leading to 64 bits of ciphertext • Based on the Feistel Cipher incorporates: – Diffusion: the statistical structure of the plaintext is dissipated into long range statistics. – Confusion: the relationship between the statistics of the ciphertext and the value of the key is made as complex as possible. • Strength of DES: even though large keyspace (2 EXP 56), can be broken in hours on optimized hardware. – Some knowledge of the expected plaintext is needed but essentially a brute force attack. • Triple-DES was developed to address this problem. – 168 -bit key, but computationally expensive. Copyright 2011 Jim Martin – Possible alternative is Advanced Encryption Standard (AES) 16
Types of Cryptanalytic Attacks • ciphertext only – only know algorithm / ciphertext, statistical, can identify plaintext • known plaintext – know/suspect plaintext & ciphertext to attack cipher • chosen plaintext – select plaintext and obtain ciphertext to attack cipher • chosen ciphertext – select ciphertext. Copyright and obtain plaintext to attack 2011 Jim Martin cipher 17
Brute Force Search • always possible to simply try every key • most basic attack, proportional to key size • assume either know / recognise plaintext Copyright 2011 Jim Martin 18
Key Distribution • Symmetric encryption requires two parties to exchange the key. • The strength of any crypto system rests on the key distribution technique. • Options: – A selects a key and physically delivers to B – A third party selects the key and physically delivers to A and B. – If A and B have communicated previously with a key, one party can transmit the new key to the other using the old key for encryption. – If A and B have a secure connection to C, C can deliver the key on the Copyright encrypted links to A and B. 2011 Jim Martin 19
Public Key Algorithms • Aka asymmetric algorithms. • The key used for encryption is different from the key used for decryption. • The encryption key is the generally the public key. • The decryption key is the private key. Copyright 2011 Jim Martin 20
Public Key Algorithms • • A and B agree on a public key cryptosystem A sends to B its public key B encrypts the data using A’s public key A decrypts B’s message using its private key Copyright 2011 Jim Martin 21
Public Key Algorithms • Diffie and Hellman came up with the breakthrough method in 1976 that addressed the following requirements: – Computationally easy for party B to generate a key pair – Computationally easy for a sender A, knowing B’s public key and the plaintext message, to generate the ciphertext – Computationally easy for receiver B to decrypt the resulting ciphertext using the private key. – Computationally infeasible for an opponent, knowing the public key to determine the private key. – Computationally infeasible for an opponent, knowing the public key and the ciphertext to recover the original message. Copyright 2011 Jim Martin 22
Public Key Algorithms • Public key algorithms are based on mathematical functions rather than substitution and permutations. • Profound impact in the area of confidentiality, key distribution and authentication. • Two misconceptions: – Public key encryption is more secure than symmetric. – Public key encryption that has made symmetric encryption out of date. Copyright 2011 Jim Martin 23
Public Key Algorithms • The method allows for : – Encryption/decryption – Digital signatures – Key exchange Copyright 2011 Jim Martin 24
Public Key Algorithms • Summary: – Public Key encryption is as secure as symmetric encryption. • It solves the key management problem. • Enables digital signatures. – Drawback: Very slow (1000 times slower than symmetric algorithms). – Generally used to distribute session keys in a hybrid cryptosystem. Copyright 2011 Jim Martin 25
Lecture : Private Network Interconnection • We’ve described an internet that’s a single level of abstraction • Privacy is an issue in a single level internet architecture • A two level architecture distinguishes between internal and external datagrams. • Goal: Keep internal datagrams private while still allowing external communication. Copyright 2011 Jim Martin 26
Lecture: Private Network Interconnection • Easiest way to assure privacy is with a ‘private’ network • Traditional techniques • Point-to-point: leased lines, ISDN • Network services: ATM, Frame Relay, Private IP Copyright 2011 Jim Martin 27
Lecture: Private Network Interconnection • Advantages of a private network • Security • Reliability • Disadvantage: • cost • Two Issues: • How can an organization use a public network but keep its data private? • From outside-to-inside access: access control through firewalls!! • How can an organization with a private network interconnect with the Internet? • Virtual Private Network!! Copyright 2011 Jim Martin 28
Lecture: Private Network Interconnection • The cornerstone of access control: the firewall!!! FW-3’s filter table: Interface src addr dst addr src port dst port protocol int 0 * server * 80 tcp Public Web Servers FW-3 Site A FW Internet Copyright 2011 Jim Martin FW Site B 29
Lecture: Private Network Interconnection • What if Site A, B are a part of a ‘private’ network, how can data be kept private ? • How about a VPN • A Virtual Private Network refers to customer connectivity deployed on a shared infrastructure with the same policies as a private network. The shared infrastructure can leverage a SP’s IP, FR, ATM backbone and may or may not utilize the public Internet. Organization’s Public Web Servers Site A FW Internet Copyright 2011 Jim Martin FW Site B 30
Lecture: Private Network Interconnection • IPsec: the IETF devised this set of security algorithms along with a general framework that allows a pair of hosts to communicate with varying levels of security. Organization’s Public Web Servers Site A FW Internet Copyright 2011 Jim Martin FW Site B 31
Lecture: Private Network Interconnection IPsec Tunnel Mode Encrypted Tunnel Gateway A ed t p y cr Gateway Unen Encrypted crypt U nen New IP Header AH or ESP Header Orig IP Header Copyright 2011 Jim Martin TCP ed B Data 32
Tunnel Mode (II) Outer IP IPSec Inner IP Higher header layer protocol Destination IPSec entity ESP Real IP destination AH • ESP applies only to the tunneled packet • AH can be applied to portions of the outer header Copyright 2011 Jim Martin 33
Outbound Packet Processing • Form ESP payload • Pad as necessary • Encrypt result [payload, padding, pad length, next header] • Apply authentication Copyright 2011 Jim Martin 34
Lecture: Private Network Interconnection • So a VPN will interconnect portions of private networks. • But how would a host at Site A communicate with a public web site? • Application Gateways (aka proxy) • Network Address Translation (aka NAT) Public Web Servers Site A FW Internet Copyright 2011 Jim Martin FW Site B 35
Lecture: Private Network Interconnection • NAT provides transparent IP-level access to the Internet from a host with a private address • Defined in RFC 3022: Basic Network Address Translation or Basic NAT is a method by which IP addresses are mapped from one group to another, transparent to end users. Network Address Port Translation, or NAPT is a method by which many network addresses and their TCP/UDP (Transmission Control Protocol/User Datagram Protocol) ports are translated into a single network address and its TCP/UDP ports. Together, these two operations, referred to as traditional NAT, provide a mechanism to connect a realm with private addresses to an external realm with globally unique registered addresses. Site A NAT router Internet Copyright 2011 Jim Martin 36
Lectur: Private Network Interconnection • NAT motivations: • solution for private addressing • IP V 4 IP address depletion problem • Breaks fundamental IP attribute: • does not preserve datagram end-to-end • Two types defined by ‘basic NAT’ • Address pool (many-to-a-group or many-to-many) • NAPT (network address port translation) Copyright 2011 Jim Martin 37
Lecture: Private Network Interconnection 192. 168. 1. 100 > 152. 1. 194. 50: icmp: echo request 4500 0054 01 b 8 0000 ff 01 9 da 8 c 0 a 8 0164 9801 c 232 0800 5753 5 e 01 0000 1 f 9 e c 73 a 62 cf 0 e 00 0809 0 a 0 b 0 c 0 d 0 e 0 f 1011 1213 1415 1617 1819 1 a 1 b 1 c 1 d 1 e 1 f 2021 2223 2425 2627 2829 2 a 2 b 2 c 2 d 2 e 2 f 3031 3233 3435 3637 Ping 152. 1. 194. 50 (56 bytes data) NAT Router 192. 168. 1. 100 192. 168. 1. 1 Internet 66. 243. 164 Copyright 2011 Jim Martin 152. 1. 194. 50 38
Lecture: Private Network Interconnection 4500 0054 //V 4, 20 byte header, 84 byte datagram 01 b 8 0000 //01 b 8 id , no frag ff 01 9 da 8 // ttl 255, protocol 1, checksum c 0 a 8 0164 //src (192. 168. 1. 100) 9801 c 232 //dst (152. 1. 194. 50) 0800 5753 //ICMP echo request, checksum 5 e 01 0000 //Id, seq number // 56 bytes ICMP data…. 1 f 9 e c 73 a 62 cf 0 e 00 0809 0 a 0 b 0 c 0 d 0 e 0 f 1011 12131415 1617 1819 1 a 1 b 1 c 1 d 1 e 1 f 2021 2223 2425 2627 2829 2 a 2 b 2 c 2 d 2 e 2 f 3031 3233 3435 3637 Copyright 2011 Jim Martin 39
Lecture: Private Network Interconnection 192. 168. 1. 100 > 152. 1. 194. 50: icmp: echo request 4500 0054 01 b 8 0000 ff 01 9 da 8 c 0 a 8 0164 9801 c 232 0800 5753 5 e 01 0000 1 f 9 e c 73 a 62 cf 0 e 00 0809 0 a 0 b 0 c 0 d 0 e 0 f 1011 1213 ICMP echo (56 bytes data) 1415 1617 1819 1 a 1 b 1 c 1 d 1 e 1 f 2021 2223 2425 2627 2829 2 a 2 b 2 c 2 d 2 e 2 f 3031 3233 NAT 3435 3637 Router 66. 243. 164 > 152. 1. 194. 50: icmp: echo request (captured at dst) 4500 0054 01 b 8 0000 f 601 32 f 6 421 a f 3 a 4 NAT should allocate a new ICMP id 9801 c 232 0800 5753 5 e 01 0000 1 f 9 e c 73 a (this implementation does not). Why 62 cf 0 e 00 0809 0 a 0 b 0 c 0 d 0 e 0 f 1011 1213 is this required? What if 2 private hosts issued a ping to the same global 1415 1617 1819 1 a 1 b 1 c 1 d 1 e 1 f 2021 2223 IP address and each host happened to 2425 2627 2829 2 a 2 b 2 c 2 d 2 e 2 f 3031 3233 generate the same ICMP ID? If the 3435 3637 NAT router did not modify the ICMP ID on outbound packets, it could not uniquely identify the inbound packets. Copyright 2011 Jim Martin 40
Lecture: Private Network Interconnection NAPT table -Data structures: Translation Table, Port Map private address | private port (ICMPID) | NAT address | NAT port (ICMP ID) | Prot -------------------------------------------------192. 168. 1. 100 1050 66. 243. 164 1025 TCP - 192. 168. 1. 101 192. 168. 1. 100 Static entry 192. 168. 1. 101 Exclude 66. 243. 165 192. 168. 1. 101 (static) 2444 5 e 01 66. 26. 243. 164 1026 1 TCP ICMP 80 66. 243. 166 80 TCP 66. 243. 165 (exclude) NAT Router 192. 168. 1. 100 Internet 66. 243. 164 Copyright 2011 Jim Martin 152. 1. 194. 50 41
Lecture: Private Network Interconnection Outbound NAT algorithm Find table entry if it does not exist- create Inbound NAT algo Find table entry If it does not exist ? Translate datagram How are table entries removed? What happens if an inbound datagram is fragmented prior to arriving at the NAT box? Copyright 2011 Jim Martin 42
Lecture: Private Network Interconnection V 4, 5 bytes, 1500 bytes id: 1234, 0 x 4000 (DF) ttl: 255, TCP, chksum: 5678 src: 192. 168. 1. 100 dst 152. 1. 194. 50 src port: 2201 dst port: 5000 seq#: xyz ack#: abc len, bits, window tcp chksum: 4321, urgent 1460 bytes data TCP datagram 1500 bytes (DF set) 192. 168. 1. 100 NAT Router 192. 168. 1. 1 V 4, 5 bytes, 1500 bytes id: 1234, 0 x 4000 (DF) ttl: 253, TCP, chksum: 9012 src: 66. 243. 164 dst 152. 1. 194. 50 src port: 1025, dst port: 5000 seq#: xyz ack#: abc len, bits, window tcp chksum: 0987, urgent 1460 bytes data MTU: 1500 66. 26. 243. 164 Copyright 2011 Jim Martin MTU 512 152. 1. 194. 50 152. 1. 194. 1 43
Lecture: Private Network Interconnection V 4, 5 bytes, 56 bytes id: 6767, 0 x 0000 ttl: 253, icmp, chksum: 6565 src: 66. 243. 1 dst 192. 168. 1. 100 type 3, code 4, chksum 4343 unused V 4, 5 bytes, 1500 bytes id: 1234, 0 x 4000 (DF) ttl: 253, TCP, chksum: 6565 src: 192. 168. 1. 100 dst 152. 1. 194. 50 src port: 2201, dst port: 5000 seq#: xyz V 4, 5 bytes, 56 bytes id: 6767, 0 x 0000 ttl: 255, icmp, chksum: 1212 src: 66. 243. 1 dst 66. 243. 164 type 3, code 4, chksum 7878 unused V 4, 5 bytes, 1500 bytes id: 1234, 0 x 4000 (DF) ttl: 253, TCP, chksum: 9012 src: 66. 243. 164 dst 152. 1. 194. 50 src port: 1025, dst port: 5000 seq#: xyz after NAT before NAT Router Copyright 2011 Jim Martin ICMP error msg 44
Lecture: Private Network Interconnection MANY-TO-MANY NAT -Data structures: Translation table, Address Pool Table Example Address Pool : range 66. 243. 1 - 66. 243. 32 (note: the actual table might only require the addresses) private address | NAT address ------------------------------192. 168. 1. 100 192. 168. 1. 101 66. 26. 243. 2 192. 168. 1. 101 NAT Router 192. 168. 1. 100 192. 168. 1. 1 Internet 66. 243. 164 Copyright 2011 Jim Martin 152. 1. 194. 50 45
Lecture: Private Network Interconnection • Many to many NAT • original algorithm • Example: maps a set of 1024 users to 128 valid global addresses • Less demanding than NAT • less state (1 entry per host as opposed to 1 / connection) • Requires a TO (so does NAPT but not as crucial) • Proxy Arp typically used- NAT router must respond to ARP queries on behalf of all global • Disadvantages: requires multiple IP addresses Copyright 2011 Jim Martin 46
Lecture: Private Network Interconnection • What was the purpose of NAT? • What’s the secondary advantage of NAT (arguably the more important advantage)? • Does it ensure privacy ? • It protects internal addresses from getting out • But it does not assure CIA! Therefore, NAT is not a security protocol- rather it is an “interconnection” method. Copyright 2011 Jim Martin 47
- Slides: 47