Fundamentals of Network Security Jaydip Sen Senior Scientist Innovation Lab, Tata Consultancy Services Kolkata, INDIA Email:
[email protected]
April 16, 2005
Faculty Development Program, BITM, Shantiniketan
1
Agenda
Security attacks: an introduction Cryptography: basic concepts Network security principles in use Firewall design Intrusion detection system Viruses and malicious programs
April 16, 2005
Faculty Development Program, BITM, Shantiniketan
2
Security Attacks: An Introduction
April 16, 2005
Faculty Development Program, BITM, Shantiniketan
3
Security Attacks
Attack any action that compromises the security of information. Four types of attack: 1. 2. 3. 4.
Interruption Interception Modification Fabrication
Basic model: S Source
April 16, 2005
D Destination
Faculty Development Program, BITM, Shantiniketan
4
Security Attacks Interruption: – Attack on availability
S
D
S
D
Interception: – Attack on confidentiality
I
April 16, 2005
Faculty Development Program, BITM, Shantiniketan
5
Security Attacks Modification:
S
D
– Attack on integrity I
Fabrication: – Attack on authenticity
D
S I
April 16, 2005
Faculty Development Program, BITM, Shantiniketan
6
Security Goals
Confidentiality
Integrity
April 16, 2005
Availability
Faculty Development Program, BITM, Shantiniketan
7
Passive and Active Attacks Passive attacks – Obtain information that is being transmitted (eavesdropping). – Two types: ▪ Release of message contents:- It may be desirable to prevent the opponent from learning the contents of the transmission. ▪ Traffic analysis:- The opponent can determine the location and identity of communicating hosts, and observe the frequency and length of messages being exchanged.
– Very difficult to detect. April 16, 2005
Faculty Development Program, BITM, Shantiniketan
8
Passive and Active Attacks (contd..) Active attacks – Involve some modification of the data stream or the creation of a false stream. – Four categories: ▪ Masquerade:- One entity pretends to be a different entity. ▪ Replay:- Passive capture of a data unit and its subsequent retransmission to produce an unauthorized effect. ▪ Modification:- Some portion of a legitimate message is altered. ▪ Denial of service:- Prevents the normal use of communication facilities. April 16, 2005
Faculty Development Program, BITM, Shantiniketan
9
Security Services Confidentiality only the sender and the intended recipient should “understand” the message contents – Sender encrypts the message before sending – Receiver decrypts the message before reading
Authentication sender and receiver want to confirm the identity of each other
Integrity the message has not been altered in transit Non-repudiation sender cannot deny later that he/she had sent the message Access control prevents misuse of resources
Availability permanence of service, non-erasure – Denial of Service Attacks – Virus that deletes files
April 16, 2005
Faculty Development Program, BITM, Shantiniketan
10
Network Access Security
Network Access Security Model
April 16, 2005
Faculty Development Program, BITM, Shantiniketan
11
Methods of Defense Encryption Software Controls – Access limitations in a database. – In operating systems, protect each user from other users etc.
Hardware Controls – For example, smartcard.
Policies – For example, frequent changes of passwords.
Physical Controls April 16, 2005
Faculty Development Program, BITM, Shantiniketan
12
Cryptography: Basic Concepts
April 16, 2005
Faculty Development Program, BITM, Shantiniketan
13
Introduction
Most important concept behind network security is encryption. Two forms of encryption are in common use: 1. Private (or Symmetric) ▪ Single key shared by sender and receiver. 2. Public-key (or Asymmetric) ▪ Separate keys for sender and receiver.
April 16, 2005
Faculty Development Program, BITM, Shantiniketan
14
Trusted Third Party Sender Message
Receiver Channel
Key1
Message Key2
Intruder
April 16, 2005
Faculty Development Program, BITM, Shantiniketan
15
Symmteric (Private) Key Cryptography
Basic ingredients of the scheme: a) Plaintext (P) ▪
Message to be encrypted
b) Secret Key (K) ▪
Shared among the two parties
c) Ciphertext (C) ▪
Message after encryption
d) Encryption algorithm ▪
Uses P and K
e) Decryption algorithm ▪ April 16, 2005
Uses C and K Faculty Development Program, BITM, Shantiniketan
16
Symmteric (Private) Key Cryptography (contd..) Security of the scheme – Depends on the secrecy of the key. – Does not depend on the secrecy of the algorithm.
Assumptions that we make: – Algorithms for encryption/decryption are known to the public. – Keys used are kept secret.
April 16, 2005
Faculty Development Program, BITM, Shantiniketan
17
Simplified Model of Symmetric Encryption Shared Key K
Plaintext P
April 16, 2005
Encryption Algorithm
Shared Key K
Ciphertext C
Decryption Algorithm
Faculty Development Program, BITM, Shantiniketan
Plaintext P
18
Symmetric Key Encryption- Some Points Key distribution problem of secret key systems: – Establish key before communication. – Need n(n-1)/2 keys with n different parties. A E
B
C April 16, 2005
D
Faculty Development Program, BITM, Shantiniketan
19
Classical Techniques
Broadly falls under two categories: 1. Substitution ciphers ▪ Each letter of group of letters of the plaintext are replaced by some other letter or group of letters, to obtain the ciphertext. 2. Transposition ciphers ▪ Letters of the plaintext are permuted in some form.
April 16, 2005
Faculty Development Program, BITM, Shantiniketan
20
Symmetric Key Cryptography Substitution Cipher: substituting one thing for another – monoalphabetic cipher: substitute one letter for another
plaintext:
abcdefghijklmnopqrstuvwxyz
ciphertext:
mnbvcxzasdfghjklpoiuytrewq
E.g.:
Plaintext: bob. i love you. alice Ciphertext: nkn. s gktc wky. mgsbc
Q: How hard to break this simple cipher?: brute force (how hard?) other? April 16, 2005
Faculty Development Program, BITM, Shantiniketan
21
Symmetric Key Encryption Substitution Ciphers 1. Caesar Cipher – Earliest known substitution cipher. – Replace each letter of the alphabet with the letter three places after that alphabet. – Alphabets are assumed to be wrapped around ( Z is followed by A, etc.). P: C:
April 16, 2005
HAPPY NEW YEAR KDSSB QHZ BHDU
Faculty Development Program, BITM, Shantiniketan
22
Symmetric Key Encryption Substitution Ciphers – We can generalize the idea by replacing each letter by the kth following letter. – If we assign a number to each letter (A=1, B=2, etc), then C = E (P) = (P + k – 1) % 26 + 1 P = D (C) = (C – k + 25) % 26 + 1
– Drawback: ▪ Brute force attack is easy ▪ Try out all the 25 possible keys
April 16, 2005
Faculty Development Program, BITM, Shantiniketan
23
Symmetric Key Encryption 2. Mono-alphabetic Cipher – Allow any arbitrary substitution. – There can be 26! or 4x1026 possible keys. – A typical key may be: (ZAQWSXCDERFVBGTYHNMJUIKLOP) – Drawback: ▪ ▪ ▪ ▪ April 16, 2005
We can make guesses by observing the relative frequency of letters in the text. Compare it with standard frequency distribution charts in English (say). Also look at the frequency of digrams and trigrams, for which tables are also available. Easy to break in general. Faculty Development Program, BITM, Shantiniketan
24
Symmetric Key Encryption 3. Poly-alphabetic Cipher – Use different mono-alphabetic substitutions as we proceed through the plaintext message. – Vigenere cipher is the best known cipher of this class. ▪ ▪
▪ ▪
April 16, 2005
Consists of 26 Caesar ciphers, with shifts of 0 to 25. Each cipher is denoted by a key letter, which is the ciphertext letter that substitutes for the plaintext letter ‘a’. To encrypt a message, a key is needed that is as long as the message (usually, a repeating keyword). Decryption is just the reverse.
Faculty Development Program, BITM, Shantiniketan
25
Symmetric Key Encryption – Drawback: ▪ Key and the plaintext share the same frequency distribution of letters. ▪ The best thing would have been to use a keyword which is as large as the plaintext, and has no statistical relationship to it.
April 16, 2005
Faculty Development Program, BITM, Shantiniketan
26
Transposition Cipher Many techniques were proposed under this category. A simple scheme: – Write out the plaintext in a rectangle, row by row, and read the message column by column, by permuting the order of the columns. – Order of the column becomes the key.
April 16, 2005
Faculty Development Program, BITM, Shantiniketan
27
Transposition Cipher An example P: we have enjoyed the workshop in bangalore Key:
C:
April 16, 2005
4 3 w e n j h e h o n g
1 h o w p a
2 a y o i l
5 v e r n o
6 e d k b r
7 e t s a e
howpa ayoil ejeog wnhhn verno edkbr etsae
Faculty Development Program, BITM, Shantiniketan
28
Transposition Cipher – Drawback: ▪ The ciphertext has the same letter frequency as the original plaintext. ▪ Guessing the number of columns and some probable words in the plaintext holds the key.
April 16, 2005
Faculty Development Program, BITM, Shantiniketan
29
Symmetric Encryption Algorithms Data Encryption Standard (DES) – Block size is 64 bits. – Key is 56 bits.
IDEA – Block size is 64 bits. – Key size is 128 bits.
Advanced Encryption Standard (AES) – – – –
April 16, 2005
Also known as Rijndael cryptosystem. Block size can be 128, 192, or 256 bits. Key size can be 128, 192, or 256 bits. Brute force decryption taking 1 sec on DES, takes 149 trillion years on AES Faculty Development Program, BITM, Shantiniketan
30
Data Encryption Standard DES: Data Encryption Standard US encryption standard [NIST 1993] 56-bit symmetric key, 64-bit plaintext input How secure is DES? – DES Challenge: 56-bit-key-encrypted phrase (“Strong cryptography makes the world a safer place”) decrypted (brute force) in 4 months – no known “backdoor” decryption approach making DES more secure: – use three keys sequentially (3-DES) on each datum – use cipher-block chaining April 16, 2005
Faculty Development Program, BITM, Shantiniketan
31
Data Encryption Standard
DES operation initial permutation 16 identical “rounds” of function application, each using different 48 bits of key final permutation
April 16, 2005
Faculty Development Program, BITM, Shantiniketan
32
Public Key Cryptography
Uses two keys for every simplex logical communication link. a) Public key b) Private key
Every communication node will have a pair of keys.
April 16, 2005
Faculty Development Program, BITM, Shantiniketan
33
Encryption using Public Key System B’s public key KUB
Plaintext P
Encryption Algorithm
B’s private key KRB
Ciphertext C
Decryption Algorithm
B
A
April 16, 2005
Plaintext P
Faculty Development Program, BITM, Shantiniketan
34
Authentication using Public Key System A’s private key KRA
Plaintext P
Encryption Algorithm
Ciphertext C
A’s public key KUA
Decryption Algorithm
B
A
April 16, 2005
Plaintext P
Faculty Development Program, BITM, Shantiniketan
35
Applications of Public Key Systems
Three categories: a) Encryption/decryption: ▪
The sender encrypts a message with the recipient’s public key.
b) Digital signature / authentication: ▪
The sender signs a message with its private key.
c) Key exchange: ▪
April 16, 2005
Two sides cooperate to exhange a session key.
Faculty Development Program, BITM, Shantiniketan
36
Requirements of Public Key Systems Computationally easy for a party B to generate a key pair – Public key KUB – Private key KRB
Easy for sender to generate ciphertext: ▪
C = E (M, KUB)
Easy for the receiver to decrypt ciphertext using private key: ▪
April 16, 2005
M = D (C, KRB) = D (E (M, KUB), KRB)
Faculty Development Program, BITM, Shantiniketan
37
Requirements of Public Key Systems Computationally infeasible to determine KRB knowing KUB. Computationally infeasible to recover message M, knowing KUB and ciphertext C. Either of the two keys can be used for encryption, with the other used for decryption: ▪ M = D (E (M, KUB), KRB) = D (E (M, KRB), KUB)
April 16, 2005
Faculty Development Program, BITM, Shantiniketan
38
The RSA Public Key Algorithm RSA Algorithm – Developed by Ron Rivest, Adi Shamir and Len Adleman at MIT, in 1977. – A block cipher. – The most widely implemented.
April 16, 2005
Faculty Development Program, BITM, Shantiniketan
39
The RSA Algorithm – 1. 2. 3. 4. 5. 6. 7.
Select p,q Calculate n = p x q Calculate Select integer e Calculate d Public Key Private key
Key Generation
p and q both large primes
(n) ( p 1)(q 1)
gcd( (n), e) 1; 1 e (n) d e1 mod (n) KU = {e,n} KR = {d,n}
(n) is the number of positive numbers less than n and relatively prime to n (called Euler totient). April 16, 2005
Faculty Development Program, BITM, Shantiniketan
40
The RSA Algorithm - Encryption
Plaintext:
M