case study (mid-term question)
Post on 30-Dec-2015
@Yuan Xue (yuan.xue@vanderbilt.edu)
Case Study (Mid-term question)
Bob sells BatLab
  - Software
  - License
Alice buys BatLab
  - Credit card information
  - Number of licenses
[Figure: Alice, Bob]

Security Requirements
Alice wants
  - Authentication of Bob
  - Confidentiality and integrity of the order information
  - Prevention of order replay
Bob wants
  - Non-repudiation of the order
  - Confidentiality and integrity of the licenses
  - Integrity of the software
Other Issues
  - DoS (message lost)
  - Attacks on the host
[Figure: Alice, Bob]

Security Mechanisms
What do we need / how do we get them?
Authentication (of Bob) / Key distribution
  - Certificate -> Public key
  - Public key -> Secret session key
Confidentiality (order/license)
  - Symmetric cipher encryption based on secret key, e.g. AES
Message Integrity Protection (software)
  - Message authentication code based on secret key, e.g. HMAC-SHA1
Non-repudiation (order)
  - Digital signature
Defense against replay attack
  - Usage of Timestamp
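
Added example (not from the original slides): one way Bob could check an order for integrity and replay using the HMAC-SHA1 and timestamp mechanisms listed above. The shared session key, the JSON message layout, the 120-second window and the names make_order and OrderVerifier are assumptions; because a timestamp alone still admits replays inside the window, the verifier also remembers the tags it has already accepted.

```python
import hashlib
import hmac
import json
import time

MAX_SKEW = 120  # assumed: seconds an order timestamp may differ from Bob's clock


def make_order(key, licenses, now=None):
    """Alice: serialize the order with a timestamp and compute an HMAC-SHA1 tag."""
    ts = int(time.time() if now is None else now)
    body = json.dumps({"item": "BatLab", "licenses": licenses, "ts": ts},
                      sort_keys=True).encode()
    return body, hmac.new(key, body, hashlib.sha1).digest()


class OrderVerifier:
    """Bob: check integrity, then freshness, then that the order is new."""

    def __init__(self, key):
        self.key = key
        self.seen = {}  # tag -> order timestamp, kept while still acceptable

    def accept(self, body, tag, now=None):
        now = time.time() if now is None else now
        expected = hmac.new(self.key, body, hashlib.sha1).digest()
        # constant-time comparison; nothing in body is parsed before this passes
        if not hmac.compare_digest(expected, tag):
            return "bad-mac"
        ts = json.loads(body)["ts"]
        if abs(now - ts) > MAX_SKEW:
            return "stale"
        # drop tags whose orders would now be rejected as stale anyway
        self.seen = {t: s for t, s in self.seen.items() if now - s <= MAX_SKEW}
        if tag in self.seen:
            return "replay"  # same order again inside the freshness window
        self.seen[tag] = ts
        return "ok"
```

This covers only the integrity and replay requirements; confidentiality of the credit card data and non-repudiation need the cipher and the digital signature from the list above.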

Questions
Where should these security functions be implemented? Who should implement them?
  - Application developer? (BatLab.com)
  - Application service developer? (Apache/Mozilla)
  - System developer? (Microsoft)
  - Network service provider? (Sprint)
  - Etc.
If it is not a single person's job, what security protocols/services are available? How are they designed?

Network Design
[Figure: Network Stack/Layer. End host: Application (HTTP), Transport (TCP), Network (IP), Link. Internet / network: Network (IP), Link.]

Placement of Security Function
What to encrypt/protect
  - Message format
Where should the security function be located?
  - Network stack
  - Link vs. End-to-end
  - Where each layer is located and how it may get attacked
Aspects to consider
  - Message security (which fields in the packet are protected)
  - Number of keys required
  - Number of encryptions/decryptions
  - Transparency to users/end hosts

Big Picture
Application-specific solutions
  - Web security
End-host-based solutions: Secure network-based applications
  - PGP, application layer solution
  - SSL, transport layer solution
Network-based solutions: Secure network + support for application
  - IPsec
  - Internet Security
      - BGP security
  - Wireless Security
      - IEEE 802.11 security
[Figure: stack layers (Link, Network, Transport, Application) with WPA, IPSec, SSL, PGP, BGP and Web security; connection-oriented vs. connectionless]

Our Goal
Learn these important security protocols so that we can use them
Learn how they are designed and use similar design in our system
  - Many pitfalls exist in secure networking system design
  - Home-brew security solutions usually have many weaknesses
  - The correct usage of cryptography is crucial
  - Following conventions is very important

Pretty Good Privacy: Overview
Phil Zimmermann in 1991
OpenPGP
  - Open Standard followed by PGP, GnuPG
PGP vs. GnuPG
  - PGP goes commercial in 1996
  - GnuPG is a free replacement for PGP
Basics
  - Build a general-purpose security application that is independent of OS
  - Select the existing cryptographic algorithms as building blocks
Operations
  - Encryption
  - Signature
  - Key management
More info: http://en.wikipedia.org/wiki/Pretty_Good_Privacy

Overview
Key Generation
  - Public and private key pair / session keys
Key Storage
Key Distribution
  - Import/export
  - Fingerprint
  - Web of Trust
Security Operations
  - Encryption
  - Message Authentication
  - Signature and Verification
Start with
Operation -- Encryption
CAST-128/IDEA/3DES in CFB mode
one-time session key
ElGamal/RSA

Details
Compression
  - Signature before compression
      - Convenience of future verification
      - Flexibility in compression algorithm/implementation choice
  - Message encryption after compression
      - Less redundancy in plaintext strengthens cryptographic security
Email Capability
  - Usage of ASCII in Email
  - Converting 8-bit binary code to ASCII characters
  - Radix-64 conversion
      - 3 octets of binary code (3*8 = 24 bits) -> 4 ASCII characters (4*8 = 32 bits). Why?
      - 33% expansion, offset by compression
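
Added example (not from the original slides): a radix-64 encoder written out so the 24-bit to four 6-bit split is visible, plus a size comparison showing how compression offsets the 33% expansion. Each output character carries only 6 bits because the alphabet is limited to 64 mail-safe ASCII characters. zlib stands in for PGP's compression step, armor headers and line wrapping are left out, and the function names are assumptions.

```python
import zlib

# 64 printable characters that survive text-only mail transport
ALPHABET = ("ABCDEFGHIJKLMNOPQRSTUVWXYZ"
            "abcdefghijklmnopqrstuvwxyz"
            "0123456789+/")


def radix64(data):
    """Map each 3-octet group (24 bits) to four 6-bit indexes into ALPHABET."""
    out = []
    for i in range(0, len(data), 3):
        chunk = data[i:i + 3]
        # left-align a short final group inside the 24-bit word
        bits = int.from_bytes(chunk.ljust(3, b"\0"), "big")
        chars = [ALPHABET[(bits >> shift) & 0x3F] for shift in (18, 12, 6, 0)]
        # n octets carry data for n+1 characters; '=' pads the group to four
        out.append("".join(chars[:len(chunk) + 1]) + "=" * (3 - len(chunk)))
    return "".join(out)


def armored_sizes(message):
    """Return (raw, compressed, radix-64 of compressed) sizes in octets."""
    packed = zlib.compress(message)
    return len(message), len(packed), len(radix64(packed))


if __name__ == "__main__":
    # constructed sample text, repetitive like typical mail bodies
    sample = b"order: 3 BatLab licenses\n" * 40
    print(radix64(b"Man"), armored_sizes(sample))
```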

Keys
Types
  - Public and private key pair
  - One-time session symmetric key
Issues
  - Key generation
  - Key storage
  - Key management (distribution)

Key Identifier
A user may have multiple keys
Need an ID
  - Unique to user ID with very high probability
  - Key ID of KUa = KUa mod 2^64

Key Generation
Session Key Generation
  - Generating unpredictable session keys
  - E.g., 128-bit CAST key
      - Two 64-bit blocks encrypted by a 128-bit key in CFB mode -> two 64-bit ciphertexts as the 128-bit session key
      - Two 64-bit blocks from a 128-bit random stream based on keystroke input from the user
      - Previous session key and the random stream form the 128-bit key input
[Figure: 64-bit block, 64-bit block (user input); key input (previous session key +); CAST-128 in CFB mode; new session key]

PGP Message Format
[Figure: PGP message format, with the callouts below]
Plaintext copy of the first two octets
  - Enable the recipient to determine if the correct public key was used to decrypt the message digest
  - Error detection for the message
Time the signature is made
Time the message is made
Keys are needed for the recipient to identify the keys to
  - Decrypt the key (KUb)
  - Verify the signature (KUa)

Key Storage
Public and Private Key Ring
Secure the private key with passphrase
  - Passphrase -> hash code via SHA-1
  - Encrypt the private key via CAST-128/IDEA/3DES with the hash code as the key
  - Store the encrypted private key

Key management
Direct Verification
  - Physical delivery
  - Fingerprint
Trusted Third Party
  - Signed certificate of a key
Web of Trust
  - A self-organized trust management mechanism
Revoke Public Key
  - Key revocation certificate