Security Peter OGrady Security 1 Network Security Problem
Security Peter O’Grady Security - 1
Network Security Problem n n n Data Flow - transmission security Network Security - server security Malicious code - virus security 2
User The Internet User Data moves through a network Attacker may try to gain access 3
“By accessing or altering data, an attacker can steal tangible assets or lead an organization to take actions it would not otherwise take. By merely examining data, an attacker can gain competitive advantage, without the owner of the data being any the wiser. ” Computers at Risk: Safe Computing in the Information Age National Research Council, 1991 4
Network Security n n where an intruder may be malicious in that they may interfere with the operation of the network, causing operation problems such as deliberately crashing a server. Particularly dangerous when they gain access to data on servers. 5
Example Attack n n n Texas A&M August 1992 Several outside intruders Captured hundreds of passwords (including some on servers) One machine set up as hacker bulletin board to discuss progress without the victim knowing. Hackers had developed programs to test for weaknesses. 6
Transmission Security. Data Flow n The potential security problems in data flow can be thought of as: · Interruption – stop flow · Interception – intercept message, for reading – original message continues · Modification – intercept message and replace with alternative. Send alternative · Fabrication – send fabricated message · How can each of these be stopped? 7
Conveying Messages Securely n Phrases that convey meaning – 1: 1 coding - has to be pre-determined – Difficult to decode – Low flexibility n Character encryption – Very flexible – Need large number of possible permutations to avoid brute force decryption 8
Transmission Security n Transmission Security involves three main measures that can be taken to prevent these breaches of security occurring. – encryption, – authentication, – and data integrity. 9
Encryption n n Task: take regular text and produce encrypted text so that original text cannot be determined easily from the encrypted text. Encryption Examples – Caesar cipher – Enigma encoding machine n Decryption: – Letter usage analysis – Complete enumeration – Obtaining Key 10
Encryption n n History of encryption tied to military and diplomatic messages If messages are send by wireless then can be heard by others Governments seek very hard encryption for messages. Other governments try hard to decrypt messages. Of VERY great importance Examples: – Midway – German Enigma machine 11
12
Midway n n n n December 7 Pearl Harbor Japanese had “Purple” cipher machine. US had decoded this (“Magic”) Japanese overran much of SE Asia by May 1942 Japanese 4 large carriers, 3 battleships, 16 submarines for invasion of Midway US only had 3 carriers (one damaged) in Pacific Messages decoded about Japanese plan. Nimitz rushes all US carriers to Midway. US surprises Japanese fleet and sinks 4 Japanese carriers. 13
“Scouts found the Japanese early in the morning of June 4. Although initial strikes by Midwaybased planes were not successful, American carrier-based planes turned the tide. Torpedo bombers became separated from the American dive-bombers and were slaughtered (36 of 42 shot down), but they diverted Japanese defenses just in time for the divebombers to arrive; some of them had become lost, and now by luck they found the Japanese. The Japanese carriers were caught while refueling and rearming their planes, making them especially vulnerable. The Americans sank four fleet carriers—the entire strength of the task force…. ” http: //college. hmco. com/history/readerscomp/mil/html/ml_034100_midwaybattle. htm 14
Iraq I “One of the ROCKSTARS (codename for group of agents) next delivered an Iraqi mobile communications device that was supposed to be sent out for repairs. It was the device used by Deputy Prime Minister Tariq Aziz. It had encryption capability and was part of the SSO communications network. A ROCKSTAR agent has swiped it. Tim (a USA agent) had it couriered back to Washington where the National Security Agency was able to exploit it. Soon NSA was listening in to some SSO communications. ” "Plan of Attack", Bob Woodward 2004 p 303 15
Iraq II “Ahmad Chalabi, the Iraqi leader and former ally of the Bush administration, disclosed to an Iranian official that the United States had broken the secret communications code of Iran's intelligence service, betraying one of Washington's most valuable sources of information about Iran, according to United States intelligence. . ” NY Times, June 2, 2004 16
Caesar Cipher n n Simple coding that replaces letter by one n places further along the alphabet. If n=2 then, for example, all occurrences of a are replaced by c. internet becomes kpvgtpgv Easy to decode (26 possible keys) especially using letter usage analysis (e. g. e is most frequently used letter in English) 17
Improving Caesar Cipher n Cipher where n is variable would be stronger – n varies with letter - i. e. one to one mapping between letters – Can decipher using letter usage analysis – mapping that varies over time/usage would be better - example is the German Enigma machine of WWII. 18
Enigma encoding machine n n n On successive keystrokes the wheels moved so that the encoding was different for each keystroke. The wheels could be set by the users and the same settings had to be used at both ends of the transmission. With five wheels, each with 26 pins, the number of different substitution alphabets is 265 (which equals 11, 881, 376). 19
20
21
Enigma in use Gen. Guderian, 1943 22
Enigma Coding Machine n n n 11, 881, 376 possible permutations was thought to be impregnable. Illustrated key points on encryption: – Same key at both ends (single key)- wheel positions – Number of permutations as high as possible to defeat complete enumeration – Varying characteristics of encoding to defeat letter usage analysis Now need much larger number of permutations to avoid eavesdroppers. 23
Transmission Security - Main Elements n n n Single Key Encryption Dual Key Encryption Message Digest (often 128 bit) Certificate - containing subjects public key and encrypted using certificates authority private key We’ll go through each of these and see how they apply 24
Simplified Model of Conventional Single Key Encryption (Stallings, 1995) 25
Model of Conventional Single Key Encryption (Stallings, 1995) 26
Single Key Encryption n Input • plaintext X=[X 1, X 2, X 3 , …. , XM ] • K=[K 1, K 2, ……, KJ ] n Output • ciphertext Y=[Y 1, Y 2, …. . , YN] 27
Single Key Decryption n Input • ciphertext Y=[Y 1, Y 2, …. . , YN] • K=[K 1, K 2, ……, KJ ] n Output • plaintext X=[X 1, X 2, X 3 , …. , XM ] 28
Single Key n n n The general method for decrypting are generally based on enumerating the possible key settings. Historically single key most common. Both ends have key. Example is Data Encryption Standard (DES) from NIST. DES takes 64 bits of message and uses 56 bit length key provides 256 ( = 7. 2 x 1016) keys 29
Encryption - Public (or Dual) Key n n n Uses two separate, but matched, keys public and private. RECEIVER generates two keys with the public key made available to others. TRANSMITTER uses public key to encrypt the message. RECEIVER uses private key to decrypt message. Can be used for authentication 30
Simplified Model of Dual-Key Encryption (Stallings, 1995) 31
Dual-Key Encryption (Stallings, 1995) 32
Dual Key Encryption n Input • plaintext X=[X 1, X 2, X 3 , …. , XM ] • KUb n Output • ciphertext Y=[Y 1, Y 2, …. . , YN] 33
Dual Key Decryption n Input • ciphertext Y=[Y 1, Y 2, …. . , YN] • KRb n Output • plaintext X=[X 1, X 2, X 3 , …. , XM ] 34
Dual-Key Encryption n Most Internet data that is very sensitive is now encrypted using this dual key system (using the RCA or IDEA algorithms) with a key length of 128 bits (in North America) and 40 bits elsewhere. 35
Dual-Key Encryption n n The 128 bit key provides for 2128 (=3. 4 x 1038) different keys while the 40 bit key provides for 240( approximately 1012) different keys. Each is therefore secure from all but the most determined eavesdropper. Dual Key Encryption more computing intensive then single key so is only used to start communications 36
Authentication n n Is the process of checking that the sender of data is in fact who they claim to be. This is not as simple as it first appears. – an intruder can copy all of the packet information, perhaps also altering some of the data, and then re-transmitting it as if it had come from the original source. 37
Authentication Using Dual-Key Encryption (Stallings, 1995) 38
Dual Key Authentication (encrypt) n Input • plaintext X=[X 1, X 2, X 3 , …. , XM ] • KRa n Output • ciphertext Y=[Y 1, Y 2, …. . , YN] 39
Dual Key Authentication (decrypt) n Input • ciphertext Y=[Y 1, Y 2, …. . , YN] • KUa n Output • plaintext X=[X 1, X 2, X 3 , …. , XM ] 40
Digital Signature n This mode of operation has been formulated into what is termed the Secure Sockets Layer (SSL) which uses an independent Certification Authority (CA) to issue a digital certificate. The digital certificate contains the name of the server and the public key, as well as a digital signature 41
Example Certificate (RSA Secure Server Certification Authority) 42
43
Digital Signature Procedure n n n The client sends a request to connect to the secure server The server generates a public and private key and then sends a signed digital certificate with the public key. The client uses the public key from the server to decrypt the message and authenticate the server. 44
Authentication and Encryption n n It should be noted that this authentication process does not prevent eavesdropping. What is often used to prevent this is a double encryption procedure combining both authentication and encryption that provides both authentication and message encryption. 45
Authentication and Encryption (Encrypt) n Input • plaintext X=[X 1, X 2, X 3 , …. , XM ] • KUb(KRa) n Output • ciphertext Y=[Y 1, Y 2, …. . , YN] 46
Authentication and Encryption (Decrypt) n Input • ciphertext Y=[Y 1, Y 2, …. . , YN] • KUa(KRb) n Output • plaintext X=[X 1, X 2, X 3 , …. , XM ] 47
Data Integrity n n Data Integrity involves ensuring that the message received has not been tampered with. A main method used is that of computing a small block of code that is derived from the message and appending this small block of code to the message. 48
Data Integrity n n This code is known as a cryptographic checksum or Message Authentication Code (MACs) The function that is used to calculate the MAC need be only one way 49
SSL Process A->B hello B->A Hi, I'm Bob, bobs-certificate (Bobs public key and encrypted using CA private key) A->B prove it (A has CA public key and hence obtains Bobs public key securely) B->A Alice, This Is Bob { digest[Alice, This Is Bob] } bobs-private-key A->B ok bob, here is a secret {secret}bobs-publickey {some message, MAC}secret-key 50
Server Security n “Most servers run UNIX, which is notorious for its lack of mainframe-style security features and is a particular favorite of hackers. ” – Network and Internetwork Security W. Stallings, 1995 n “The best safe in the world is worthless if no one remembers to close the door. – Computers at Risk: Safe Computing in the Information Age” National Research Council, 1991 51
Server Security n n Firewall Housekeeping 52
Firewall n n A firewall acts as the entry and exit point to an internal network and all traffic to and from the external Internet passes through it. Can configure to allow/not allow packets of certain type or origin to pass 53
Housekeeping n n n Passwords Physically Secure the Servers Secure the private keys Limit Applications on Servers Limit ports on Servers 54
Passwords (Observed Password Lengths, Spafford (1990) ) 55
Passwords Usually, situation is made much worse by used of familiar names as passwords. 56
Virus Security n n n n Logic Bombs Trojan Horses Trapdoors Viruses Bacteria Worm Malicious Components and Programs (primarily Active. X and Java code) 57
Virus Security Protection n n Enforcing strict checks during program and system development to guard against Logic Bombs and trapdoors. Installing virus protection software on all computers in the network. 58
Virus Security Protection n n Enforcing network security aspects such as ensuring that passwords be made difficult to guess to prevent intruders or worms. Restricting downloadable programs particularly those programs that are not constrained by a sandbox e. g. Ilove. You virus containing VBScript. 59
Denial of Service Attacks n Examples include – attempts to "flood" a network, thereby preventing legitimate network traffic – attempts to disrupt connections between two machines, thereby preventing access to a service – attempts to prevent a particular individual from accessing a service – attempts to disrupt service to a specific system or person 60
n n Denial-of-service attacks are most frequently executed against network connectivity. The goal is to prevent hosts or networks from communicating on the network. An example of this type of attack is the "SYN flood" attack In this type of attack, the attacker begins the process of establishing a connection to the victim machine, but does it in such a way as to prevent the ultimate completion of the connection. In the meantime, the victim machine has reserved one of a limited number of data structures required to complete the impending connection. The result is that legitimate connections are denied while the victim machine is waiting to complete bogus "half-open" connections. 61
Other Do. S Attacks n Bandwidth Consumption – An intruder may also be able to consume all the available bandwidth on your network by generating a large number of packets directed to your network. – The intruder need not be operating from a single machine; he may be able to coordinate or co-opt several machines on different networks to achieve the same effect. 62
- Slides: 62