Network Security Architecture 1
Additional Reading “Firewalls and Internet Security: Repelling the Wily Hacker”, Cheswick, Bellovin, and Rubin. − New second edition “Firewall and Internet Security, the Second Hundred (Internet) Years” http://www.cisco.com/warp/public/759/ipj_2- 2/ipj_2-2_fis1.html 2
Overview Network Security Architecture − Wireless − Security Domains − VPN Firewall Technology − Address Translation − Denial of Service attacks Intrusion Detection Both firewalls and IDS are introductions. 3
802.11 or Wi-Fi IEEE standard for wireless communication − Operates at the physical/data link layer − Operates at the 2.4 or 5 GHz radio bands Wireless Access Point is the radio base station − The access point acts as a gateway to a wired network e.g., ethernet − Can advertise Service Set Identifier (SSID) or not Doesn't really matter, watcher will learn active SSIDs Laptop with wireless card uses 802.11 to communicate with the Access Point 4
WEP “Wired Equivalency Privacy” -- early technique for encrypting wireless communication Authenticated devices use a key and initialization vector to seed RC4---a stream cipher v V (initialization vector) is changed every frame − Dangers of repeated encryption using the same key stream-- XOR of ciphertexts gives XOR of plaintexts And if some of the plaintext is known, the other is recovered 5
Frame transmission RC4(v,k) is stream generated by long-lived key k and initialization vector v v transmitted in the clear v is only 24 bits long---since k is long-lived (and used by all devices)---you are assured of getting repeated key sequences − And knowing when you have them! Because v is in the clear… 6
Security Mechanisms MAC restrictions at the access point − “white list” : Protects servers from unexpected clients − Unacceptable in a dynamic environment − No identity integrity. You can reprogram your card to pose as an “accepted” MAC. IPSec − To access point or some IPSec gateway beyond − Protects clients from wireless sniffers − Used by UIUC wireless networks 802.11i − Authentication and integrity integral to the 802.11 framework 7 − WEP, WPA, WPA2
Network Security Protocols SSL/TLS − Secure sockets layer / Transport layer security − Used mainly to secure Web traffic SSH − Secure Shell − Remote login IPsec − IP-level security suite 8 8
SSL Mid ‘90s introduced concerns over credit card transactions over the Internet SSL designed to respond to thse concerns, develop e-commerce Initially designed by Netscape, moved to IETF standard later 9 9
SSL model A client and a server Implements a socket interface Any socket-based application can be made to run on top of − SSL Protect against: Eavesdroppers − MITM attacks − Server has X.509 certificate Client may have a certificate, too − Provides encryption, and authentication of server 10 10
SSL Handshake, (1) Client requests “https” connection with server Passes information to server in message describing − available protocols Key exchange method (e.g., RSA, Diffie-Hellman, DSA) Cipher (e.g., Triple DES, AES) Hash (e.g., HMAC-MD5, HMAC-SHA) Compression algorithms Client nonce Server responds with messages that Selects (key xchg, cipher, hash, compression) − Provide server’s certificate − Server nonce − 11 11
SSL Handshake, (2) Client verifies server cert Likely that cert was signed by a CA whose cert is in the − browser already generates pre_master_secret, encrypts using server’s public key, sends it Client and server separately compute session key and MAC keys (these from prior random numbers passed) Client sends MAC of all messages it sent to server in this handshake Server sends MAC of all messages it sent to client in this exchange 12 12
SSL certificates 13 13
SSL history SSLv2 1994 SSLv3 1996 − Fixed security problems TLS v1.0 1999 TLS v1.1 2006 14 14
SSL key lengths Earlier versions used 40-bit keys for export reasons Later versions switched to 128-bit keys, with an option to use 40-bit ones with legacy servers/clients Rollback attack: − MITM 15 15
SSL sequence Negotiate parameters Key exchange Authentication Session 16 16
SSL negotiation Choice of cipher suites, key exchange algorithms, protocol versions E.g. : choice of 40- or 128-bit keys for export reasons Rollback attack: MITM chooses least secure parameters 17 17
SSL key exchange Diffie-Hellman key exchange RSA-based key exchange − Encrypt secret s with public key of server 18 18
SSL session Use ChangeCipherSpec message to start encrypting data Encryption: RC4, also DES, 3DES, AES, ... Authentication: HMAC, using MD5 or SHA1 19 19
SSL session…pushing the bits Blocks, sized up to 18K Algorithm agreed-up on in handshake MAC added for authentication Algorithm, key, agreed-up on in handshake Passed on to TCP 20 20
SSL pitfalls Hard to set up − Expensive certificates − Resource-intensive Insufficient verification Do people notice the lock icon? − Do people check the URL? − Improper use 21 21
IPsec Designed as part of IPv6 suite One of the key features v6 was supposed to bring − Backported to IPv4 Two options: AH (authentication) and ESP (encapsulated security) Two modes: transport and tunnel Readable resource http://www.unixwiz.net/techtips/iguide-ipsec.html 22 22
Transport vs. Tunnel Mode Grand vision: eventually, all IP packets will be encrypted and authenticated Transport mode: add headers to IP to do so May include encryption, authentication, or both Reality: Most computers don’t support IPsec (more on why later) Tunnel mode: use IPsec between two gateways to relay IP packets through “untrusted cloud” 23 23
Tunnel Mode P P P P P P H1 H2 24 24
AH - Authentication Simple design: add header with authentication data Security parameters − Authentication data : just an HMAC with − shared key to compute Integrity Check Value (ICV) Different of the HMAC architecture picture 25 25
AH Header Next hdr is protocol type of the following header AH Length gives size of AH header SPI -- sort of a switch code indicating which set of security parameters apply Sequence number --- basically a nonce to prevent replay attacks HMAC field 26
AH diagram HMAC applied only to fields in yellow 27 27
Piggybacking AH on IPv4 The structure allows IPSec logic to − peel off the AH header, do verification and/or decoding, − Modify “length” and “next protocol” fields to be that of an AH-free IP packet − Push the packet up the stack with higher levels none the wiser that IPSec was present 28
Tunneling in IPSec Change the source and destination addresses to be the tunnel endpoints IPSec tunnel endpoints strip off AH header, to authentication and endcoding Original IP packet is part of the payload, just released into the local network 29
AH in Tunnel Mode How to detect tunnel mode Original IP header 30 30
ESP - Encapsulated Security Payload Encapsulate data − Encapsulate datagram rather than add a header − Encrypt & authenticate Authentication header based only on encapsulation--- not Iaddresses---hold that thought--- 31 31
ESP diagram SPI describes encryption Protocol using TCP is Completely hidden Padding and pad len support block encryption 32 32
Key management ESP and AH use session keys Sessions are called Security Associations Indexed by protocol, IP address, SPI − ISAKMP: Internet Security Association Key Management Protocol Authenticates parties − Establishes session keys − Authentication Big global PKI (DNSSEC??) − Manual configuration − 33 33
IPsec redux Deployment of IPsec limited Some reasons Global PKI infrastructure hard to set up − Fixes a “solved” problem − SSL & SSH work well IPsec success: VPNs Use tunnel mode of IPsec − 34 34
Perimeter Defense Is it adequate? − Locating and securing all perimeter points is quite difficult Less effective for large border − Inspecting/ensuring that remote connections are adequately protected is difficult − Insiders attack is often the most damaging 35
Virtual Private Networks A private network that is configured within a public network A VPN “appears” to be dedicated network to customer The customer is actually “sharing” trunks and other physical infrastructure with other customers Security? − Depends on implementing protocol 36
Recommend
More recommend
