Computer Communication Networks Network Security ICEN/ICSI 416 - PowerPoint PPT Presentation

Computer Communication Networks Network Security ICEN/ICSI 416 – Fall 2016 Prof. Dola Saha 1

Network Security Goals: Ø understand principles of network security: § cryptography and its many uses beyond “ confidentiality ” § authentication § message integrity Ø security in practice: § firewalls and intrusion detection systems § security in application, transport, network, link layers 2

Motivation 3

What is network security? Ø confidentiality : only sender, intended receiver should “ understand ” message contents n Method – encrypt at sender, decrypt at receiver n A protocol that prevents an adversary from understanding the message contents is said to provide confidentiality . n Concealing the quantity or destination of communication is called traffic confidentiality . Ø message integrity: sender, receiver want to ensure message not altered (in transit, or afterwards) without detection n A protocol that detects message tampering provides data integrity. n The adversary could alternatively transmit an extra copy of your message in a replay attack. n A protocol that detects message tampering provides originality. n A protocol that detects delaying tactics provides timeliness. 4

What is network security? Ø authentication: sender, receiver want to confirm identity of each other § A protocol that ensures that you really are talking to whom you think you’re talking is said to provide authentication. § Example: DNS Attack [correct URL gets converted to malicious IP] Ø access and availability : services must be accessible and available to users § A protocol that ensures a degree of access is called availability. § Denial of Service (DoS) Attack § Example: SYN Flood attack (Client not transmitting 3 rd message in TCP 3-way handshake, thus consuming server’s resource) § Example: Ping Flood (attacker transmits ICMP Echo Request packets) 5

Friends and enemies: Alice, Bob, Trudy Ø well-known in network security world Ø Bob, Alice (lovers!) want to communicate “ securely ” Ø Trudy (intruder) may intercept, delete, add messages Alice Bob data, control channel messages secure secure data data s sender receiver Trudy 6

Who might Bob, Alice be? Ø … well, real-life Bobs and Alices! Ø Web browser/server for electronic transactions (e.g., on- line purchases) Ø on-line banking client/server Ø DNS servers Ø routers exchanging routing table updates Ø other examples? 7

There are bad guys (and girls) out there! Q: What can a “ bad guy ” do? A: A lot! § eavesdrop: intercept messages § actively insert messages into connection § impersonation: can fake (spoof) source address in packet (or any field in packet) § hijacking: “ take over ” ongoing connection by removing sender or receiver, inserting himself in place § denial of service : prevent service from being used by others (e.g., by overloading resources) 8

Cryptography in Insecure Network 9

The language of cryptography Alice ’ s Bob ’ s K encryption K B decryption A key key encryption decryption ciphertext plaintext plaintext algorithm algorithm m plaintext message K A (m) ciphertext, encrypted with key K A m = K B (K A (m)) 10

Symmetric key cryptography K S K S encryption decryption ciphertext plaintext plaintext algorithm algorithm message, m m = K S (K S (m)) K (m) S symmetric key crypto: Bob and Alice share same (symmetric) key: K s Ø e.g., key is knowing substitution pattern in mono alphabetic substitution cipher Q: how do Bob and Alice agree on key value? 11

Simple encryption scheme substitution cipher: substituting one thing for another § monoalphabetic cipher: substitute one letter for another plaintext: abcdefghijklmnopqrstuvwxyz ciphertext: mnbvcxzasdfghjklpoiuytrewq e.g.: Plaintext: bob. i love you. alice ciphertext: nkn. s gktc wky. mgsbc Encryption key: mapping from set of 26 letters to set of 26 letters 12

Breaking an encryption scheme Ø cipher-text only attack: Trudy Ø known-plaintext attack: Trudy has ciphertext she can analyze has plaintext corresponding to ciphertext [when an intruder Ø two approaches: knows some of the (plain, cipher) § brute force: search through all keys pairings] § statistical analysis § e.g., in monoalphabetic cipher, Trudy determines pairings for a,l,i,c,e,b,o, Ø chosen-plaintext attack: Trudy can get ciphertext for chosen plaintext § If Trudy could get Alice to send encrypted message, “The quick brown fox jumps over the lazy dog”, then the encryption is broken. 13

Polyalphabetic Cipher Plaintext letter: a b c d e f g h i j k l m n o p q r s t u v w x y z C 1 ( k = 5): f g h i j k l m n o p q r s t u v w x y z a b c d e C 2 ( k = 19): t u v w x y z a b c d e f g h i j k l m n o p q r s Ø n substitution ciphers, C 1 ,C 2 ,…,C n Ø cycling pattern: § e.g., n=4 [C 1 -C 4 ], k=key length=5: C 1 ,C 3 ,C 4 ,C 3 ,C 2 ; C 1 ,C 3 ,C 4 ,C 3 ,C 2 ; .. Ø for each new plaintext symbol, use subsequent substitution pattern in cyclic pattern § dog: d from C 1 , o from C 3 , g from C 4 Encryption key: n substitution ciphers, and cyclic pattern § key need not be just n-bit pattern 14

Block vs Stream Cipher Ø Block ciphers process messages into blocks, each of which is then en/decrypted § 64-bits or more § Example: DES, AES Ø Stream ciphers process messages a bit or byte at a time when en/decrypting § Example: WEP (used in 802.11) Ø Brute Force attack is possible if few number of bits are chosen 15

Cipher Block Chaining Ø Plaintext block is XORed with the previous block’s ciphertext before being encrypted. § Each block’s ciphertext depends on the preceding blocks § First plaintext block is XORed with a random ciphertext number. ü That random number, called an initialization vector (IV), is ciphertext block can be decrypted. included with the series of ciphertext blocks so that the first Ø Provides better efficiency for brute force attack 16

Symmetric key crypto: DES DES: Data Encryption Standard Ø US encryption standard [NIST 1993] Ø 56-bit symmetric key, 64-bit plaintext input Ø block cipher with cipher block chaining Ø how secure is DES? § DES Challenge: 56-bit-key-encrypted phrase, decrypted (brute force) in less than a day § no known good analytic attack Ø making DES more secure: § 3DES: encrypt 3 times with 3 different keys 17

Symmetric key crypto: DES DES operation Ø initial permutation (on 64 bits) Ø 16 identical “ rounds ” of function application § each using different 48 bits of key § rightmost 32 bits are moved to leftmost 32 bits Ø final permutation (on 64 bits) Kaufman, Schneier, 1995 18

AES: Advanced Encryption Standard Ø symmetric-key NIST standard, replaced DES (Nov 2001) Ø processes data in 128 bit blocks Ø 128, 192, or 256 bit keys Ø brute force decryption (try each key) taking 1 sec on DES, takes 149 trillion years for AES 19

Public Key Cryptography symmetric key crypto public key crypto Ø requires sender, receiver know shared secret key § radically different approach Ø Q: how to agree on key in first [Diffie-Hellman76, RSA78] place (particularly if never § sender, receiver do not share “ met ” )? secret key § public encryption key known to all § private decryption key known only to receiver 20

Public key cryptography + Bob ’ s public K B key - Bob ’ s private K B key encryption decryption plaintext ciphertext plaintext algorithm algorithm message, m message + K (m) - + B m = K ( K (m) ) B B 21

Public key encryption algorithms requirements: . . + - need K ( ) and K ( ) such that 1 B B - + K (K (m)) = m B B + 2 given public key K , it should be B - impossible to compute private key K B RSA: Rivest, Shamir, Adelson algorithm [1999] 22

Prerequisite: modular arithmetic Ø x mod n = remainder of x when divide by n Ø facts: [(a mod n) + (b mod n)] mod n = (a+b) mod n [(a mod n) - (b mod n)] mod n = (a-b) mod n [(a mod n) * (b mod n)] mod n = (a*b) mod n Ø thus (a mod n) d mod n = a d mod n Ø example: x=14, n=10, d=2: (x mod n) d mod n = 4 2 mod 10 = 6 x d = 14 2 = 196 x d mod 10 = 6 23

RSA: getting ready Ø message: just a bit pattern Ø bit pattern can be uniquely represented by an integer number Ø thus, encrypting a message is equivalent to encrypting a number example: Ø m= 10010001 . This message is uniquely represented by the decimal number 145. Ø to encrypt m, we encrypt the corresponding number, which gives a new number (the ciphertext). 24

RSA: Creating public/private key pair 1. choose two large prime numbers p, q. (e.g., 1024 bits each) 2. compute n = pq, z = (p-1)(q-1 ) 3. choose e ( with e<n) that has no common factors with z ( e, z are “ relatively prime ” ). 4. choose d such that ed-1 is exactly divisible by z . (in other words: ed mod z = 1 ). 5. public key is (n,e). private key is (n,d). - + K B K B 25

RSA: encryption, decryption 0. given ( n,e ) and ( n,d ) as computed above 1. to encrypt message m (<n) , compute e c = m mod n 2. to decrypt received bit pattern, c , compute d m = c mod n magic d e m = (m mod n) mod n happens! c 26

RSA example: Bob chooses p=5, q=7 . Then n=35, z=24 . e=5 (so e, z relatively prime). d=29 (so ed-1 exactly divisible by z). encrypting 8-bit messages. m e e m bit pattern c = m mod n encrypt: 17 12 24832 0000l000 c d d c m = c mod n decrypt: 17 12 481968572106750915091411825223071697 27