Network Security Principles and Cryptography Essentials

Network Security Dimitris Palyvos Giannas Utilizing Kurose-Ross Slides, 7thGlobal Ed.

Learning Objectives Explain the requirements of secure communication Classify different encryption techniques Compare and contrast message integrity strategies Give a high level explanation of real-world security protocols Explain the principles of operational security mechanisms

A tale of two lovers Alice Bob data, control messages channel secure sender secure receiver Trudy

Network Security Principles 1. Confidentiality 2. Integrity 3. Authentication 4. Access & Availability

Learning Objectives Explain the requirements for secure communication Classify various encryption techniques Compare and contrast message integrity strategies Give a high level explanation of real-world security protocols Explain the principles of operational security mechanisms

Symmetric Key Cryptography Alice Bob common key K common key K encryption algorithm decryption algorithm ciphertext plaintext plaintext Trudy

Block Ciphers Break up the message into bit blocks of constant size N Use a substitution table for all values e.g. 100 101, 001 111, For N = 64, we need more than 2,305,843terabytes Instead, use a function that simulates random permuted tables Small permutation tables total size 256KB

Block Cipher ECB Mode 101 111 111 Plaintext block IN OUT 000 110 001 111 Symmetric Key (encrypts and decrypts) 010 100 011 000 Block cipher 100 101 101 011 110 010 111 001 011 001 Ciphertext block 001

Information Leakage Block Effect

Randomization to the rescue! CBC Mode 101 111 111 Plaintext block IN OUT 000 110 010 001 111 001 010 IV init. vector for first block 010 100 f 011 000 101 110 111 100 101 101 011 Block cipher 110 010 111 001 001 010 011 Ciphertext block

Symmetric key ciphers DES (Data Encryption Standard) Designed by IBM 1975, Adopted by NIST* 1977 Criticized for short key length (56 bits) and mysterious S-boxes Not considered secure anymore! 3-DES (repeating DES three times with different keys) 3-DES probably secure today but too computational intensive AES (Advanced Encryption Standard) Replaces DES as of 2001 Result of an official competition Longer Key lengths: 128, 192 or 256 bits Brute force decryption: if DES takes 1 second, AES-128 takes 149 trillion years, AES-256 would take 1052 years

Symmetric Key Cryptography Encryption algorithms are public Sender & Receiver share a common secret key Messages are split into blocks of constant length (e.g. 64, 128, 256, ) Many block ciphers & modes of operation Brute force attacks trying all possible combinations Key Length 1 10 20 64 128 # Combinations 2 1024 1048576 18446744073709551616 340282366920938463463374607431768211456 (3 billion billion billion billion )

Public Key Cryptography + Bob s public key K B - Bob s private key K B encryption algorithm decryption algorithm ciphertext K (m) B - + m = K (K (m)) B m B + plaintext message plaintext message

Public Key Cryptography One key is public the other kept secret One key is used to encrypt, the other to decrypt Based on mathematically hard problems RSA Cipher (Rivest, Shamir, Adleman) Factorization of very large prime numbers Slow because of the large numbers involved Key Length 1024 bits and up in RSA 21024= 10308which means > 300 digit numbers In practice, used to exchange symmetric keys! Can also be used for digital signatures!

Cryptographic Hash Function Unique summary of a large message Small change in message results in completely different hash Deterministic Fast to compute Irreversible Infeasible to find collisions Does not encrypt data! MD5 (compromised), SHA-1 (compromised*), SHA-2, SHA-3 * Since 2005 SHA-1 has not been considered secure against well-funded opponents

Cryptographic Hash Function SHA-1

Performance Comparison Hash functions SHA-1 MD5 200-1,000 Mbyte/s Symmetric ciphers AES DES 3-DES 100 Mbyte/s Public-Key ciphers RSA 0.1 Mbyte/s

Your turn bit.ly/2EKDpVi (case sensitive!)

Learning Objectives Explain the requirements for secure communication Classify different encryption techniques Compare and contrast message integrity strategies Give a high level explanation of popular security protocols Explain the principles of operational security mechanisms

Woman in the middle attack! Bob Alice Trudy altered ciphertext ciphertext I love you I hate you Was the message altered by Trudy? Message Integrity Was the message was sent by Alice? Digital Signatures + Authentication

MAC Message Authentication Code Sender Receiver S S Message Message HASH HASH Message Compare MAC MAC Sender and receiver need a shared secret Authenticates sender + Verifies Message Integrity No encryption!

Digital Signatures Image: https://www.docusign.com/how-it-works/electronic-signature/digital-signature/digital-signature-faq

Digital Signatures Cryptographic technique analogous to hand-written signatures No shared secret required! Based on public key ciphers Sender (Alice) digitally signs document This way, she establishes she is document owner/creator Verifiable, nonforgeable: recipient (Bob) can prove to someone that Alice, and no one else, must have signed document

Public Key Cryptography & Digital Signatures Public Key Cryptography Everybody can encrypt Only one can decrypt Digital Signatures Only one can encrypt (sign) Everybody can decrypt (verify)

Digital Certificates The attacker can alter the public key! Another layer of authentication: Public Key Certificates A Certification Authority (CA) sings the name + public key Everybody can use the CA s public key to verify other public keys How do we verify the CA s public key?

End-point Authentication Bob wants Alice to prove her identity to him I am Alice

End-point authentication Alice could send her IP address and a secret password to Bob encrypted password Alice s IP addr I m Alice Alice s IP addr OK encrypted password Alice s IP addr I m Alice Playback attack!

End-point authentication Use a unique number (nonce) R and a shared secret! I am Alice R Alice is live, and only Alice knows key to encrypt nonce, so it must be Alice! K (R) A-B

Learning Objectives Explain the requirements for secure communication Classify different encryption techniques Compare and contrast message integrity strategies Give a high level explanation of real-world security protocols Explain the principles of operational security mechanisms

Real World Source: xkcd

Transport Layer Security SSL & TLS SSL/TLS provides secure communication over TCP Guarantees Confidentiality, Integrity & Authentication Widely deployed (billions $/year over SSL) Provides an API to TCP applications Application Application SSL TCP TCP IP IP normal application application with SSL

SSL Handshake

SSL Handshake 1. Client sends (supported algorithms, client nonce) 2. Server chooses algorithms from list; sends back: (algorithms choice, certificate, server nonce) 3. Client verifies certificate, extracts server s public key, generates PMS, encrypts with server s public key, sends to server (encrypted PMS) 4. Client and Server independently compute encryption and MAC keys from PMS and nonces 5. Client sends a MAC of all the handshake messages 6. Server sends a MAC of all the handshake messages

The Devil is in the Details The two final steps protect handshake from tampering (e.g. weak algorithm suggestions) Why two random nonces? Suppose Trudy sniffs all messages between Alice & Bob Next day, Trudy sets up TCP connection with Bob, sends exact same sequence of records (without being able to decrypt it) Bob (Amazon) thinks Alice made two separate orders for the same thing solution: Bob sends different random nonce for each connection. This causes encryption keys to be different on the two days Trudy s messages will fail Bob s integrity check

Your turn bit.ly/2CG3IGk (case sensitive!)

Learning Objectives Explain the requirements for secure communication Classify different encryption techniques Compare and contrast message integrity strategies Give a high level explanation of real-world security protocols Explain the principles of operational security mechanisms

Packet Filtering public Internet untrusted bad guys administered network trusted good guys Firewall

Stateless Packet Filters Should arriving packet be allowed in? Departing packet let out? Router Firewall, filters packet-by-packet. Decision to forward/drop based on: IP addresses (Src & Dest) Port numbers (Src & Dest) ICMP message type TCP SYN and ACK bits

Stateless Packet Filters Policy Firewall Setting Drop all outgoing packets to any IP address, port 80 No outside Web access. Drop all incoming TCP SYN packets to any IP except 130.207.244.203, port 80 No incoming TCP connections, except those for institution s public Web server only. Drop all incoming UDP packets - except DNS and router broadcasts. Prevent Web-radios from eating up the available bandwidth. Drop all ICMP packets going to a broadcast address (e.g. 130.207.255.255). Prevent your network from being used for a smurf DoS attack. Drop all outgoing ICMP TTL expired traffic Prevent your network from being tracerouted

Stateful packet filters stateless packet filter: heavy handed tool admits packets that make no sense e.g., dest port = 80, ACK bit set, even if no TCP connection established stateful packet filter: track status of every TCP connection track connection setup (SYN), teardown (FIN): determine whether incoming, outgoing packets make sense timeout inactive connections at firewall, no longer admit packets

Firewalls Operate on TCP/IP headers only Prevent denial of service attacks e.g. SYN flooding: attacker establishes many bogus TCP connections, no resources left for real connections Prevent illegal modification/access of internal data e.g., attacker replaces CIA s homepage with something else allow only authorized access to inside network set of authenticated users/hosts Stateful/stateless

Application Gateways host-to-gateway telnet session application gateway gateway-to-remote host telnet session Firewall Filter packets on application data as well as on header data Example: allow select internal users to telnet outside 1. Require all telnet users to telnet through gateway 2. For authorized users, gateway sets up telnet connection to dest host. Gateway relays data between 2 connections 3. Router filter blocks all telnet connections not originating from gateway

Challenges for Packet Filters/Gateways IP spoofing Firewall can t know if data really comes from claimed source Filters often use all or nothing policy for UDP Filtering is a tradeoff Degree of communication Each app requires its own gateway resource requirements Client software must know how to contact gateway e.g., must set IP address of proxy in Web browser Not a panacea! Many highly protected sites still suffer from attacks Level of security

IDS Intrusion Detection Systems Packet Filtering Operates on TCP/IP headers only No correlation check among sessions IDS deep packet inspection look at packet contents (e.g., check strings in packet against database of known virus, attack strings) Examine correlation among multiple packets Port scanning Network mapping DoS attack Signature/Anomaly based

IDS Intrusion Detection Systems https://bus206.pressbooks.com/chapter/chapter-6-information-systems-security/

Security Courses @ Chalmers Computer Security (SP3) Cryptography (SP2) Language-based Security (SP4) Network security (SP4)