Download - Network Security - IITKGP
![Page 1: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/1.jpg)
1
Network Security
![Page 2: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/2.jpg)
2
Security Attacks and Services
![Page 3: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/3.jpg)
3
Security Attacks
• Any action that compromises the security of information.
• Four types of attack:1. Interruption2. Interception3. Modification4. Fabrication
• Basic model:
DSource Destination
S
![Page 4: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/4.jpg)
4
• Interruption:– Attack on availability
• Interception:– Attack on confidentiality
S D
S D
I
![Page 5: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/5.jpg)
5
• Modification:– Attack on integrity
• Fabrication:– Attack on authenticity
S D
S D
I
I
![Page 6: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/6.jpg)
6
Passive and Active Attacks
• Passive attacks– Obtain information that is being transmitted
(eavesdropping).– Two types:
• Release of message contents:- It may be desirable to prevent the opponent from learning the contents of the transmission.
• Traffic analysis:- The opponent can determine the location and identity of communicating hosts, and observe the frequency and length of messages being exchanged.
– Very difficult to detect.
![Page 7: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/7.jpg)
7
• Active attacks– Involve some modification of the data stream or
the creation of a false stream.– Four categories:
• Masquerade:- One entity pretends to be a different entity.• Replay:- Passive capture of a data unit and its
subsequent retransmission to produce an unauthorized effect.
• Modification:- Some portion of a legitimate message is altered.
• Denial of service:- Prevents the normal use of communication facilities.
![Page 8: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/8.jpg)
8
Security Services
• Confidentiality • Authentication • Integrity • Non-repudiation • Access control • Availability
– Denial of Service Attacks– Virus that deletes files
![Page 9: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/9.jpg)
9
Network Access Security Model
![Page 10: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/10.jpg)
10
Cryptography: Basic Concepts
![Page 11: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/11.jpg)
11
Introduction
• Most important concept behind network security is encryption.
• Two forms of encryption are in common use:– Private (or Symmetric)
• Single key shared by sender and receiver.• Examples: DES, AES, IDEA
– Public-key (or Asymmetric)• Separate keys for sender and receiver.• Examples: RSA, Diffie-Hellman
![Page 12: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/12.jpg)
12
Some Terminologies
• Plaintext: – the data that is to be encrypted
• Ciphertext: – the encrypted form of the data
• Encryption/Decryption algorithm– the algorithm used to carry out the transformation.
• Key– Usually a secret entity.– Used as parameter to the encryption/decryption
algorithm.
![Page 13: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/13.jpg)
13
Private Key Cryptography
![Page 14: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/14.jpg)
14
Simplified Model of Conventional Encryption
EncryptionAlgorithm
Decryption Algorithm
PlaintextP
PlaintextP
Ciphertext C
Shared Key K Shared Key K
![Page 15: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/15.jpg)
15
Classical Techniques
• Broadly falls under two categories:1. Substitution ciphers
• Each letter of group of letters of the plaintext are replaced by some other letter or group of letters, to obtain the ciphertext.
2. Transposition ciphers• Letters of the plaintext are permuted in some
form.
![Page 16: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/16.jpg)
16
Substitution Ciphers
1. Caesar Cipher– Earliest known substitution cipher.– Replace each letter of the alphabet with the letter
three places after that alphabet.– Alphabets are assumed to be wrapped around
(Z is followed by A, etc.).
P: H A P P Y N E W Y E A RC: K D S S B Q H Z B H D U
![Page 17: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/17.jpg)
17
– We can generalize the idea by replacing each letter by the kth following letter.
– If we assign a number to each letter (A=1, B=2, etc), then
C = E (P) = (P + k – 1) % 26 + 1P = D (C) = (C – k + 25) % 26 + 1
– Drawback:• Brute force attack is easy• Try out all the 25 possible keys
![Page 18: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/18.jpg)
18
2. Mono-alphabetic Cipher– Allow any arbitrary substitution.– There can be 26! or 4x1026 possible keys.– A typical key may be:
(ZAQWSXCDERFVBGTYHNMJUIKLOP)– Drawback:
• We can make guesses by observing the relative frequency of letters in the text.
• Compare it with standard frequency distribution charts in English (say).
• Also look at the frequency of digrams and trigrams, for which tables are also available.
• Easy to break in general.
![Page 19: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/19.jpg)
19
3. Poly-alphabetic Cipher– Use different mono-alphabetic substitutions as
we proceed through the plaintext message.– Vigenere cipher is the best known cipher of
this class.• Consists of 26 Caesar ciphers, with shifts of 0 to 25.• Each cipher is denoted by a key letter, which is the
ciphertext letter that substitutes for the plaintext letter ‘a’.
• To encrypt a message, a key is needed that is as long as the message (usually, a repeating keyword).
• Decryption is just the reverse.
![Page 20: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/20.jpg)
20
– Drawback:• Key and the plaintext share the same
frequency distribution of letters.• The best thing would have been to use a
keyword which is as large as the plaintext, and has no statistical relationship to it.
![Page 21: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/21.jpg)
21
Transposition Cipher
• Many techniques were proposed under this category.
• A simple scheme:– Write out the plaintext in a rectangle, row by row,
and read the message column by column, by permuting the order of the columns.
– Order of the column becomes the key.
![Page 22: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/22.jpg)
22
• An exampleP: we have enjoyed the workshop in jadavpur
Key: 4 3 1 2 5 6 7w e h a v e en j o y e d th e w o r k sh o p i n j ad a v p u r -
C: howpv ayoip ejeoa wnhhd vernu edkjr etsa-
![Page 23: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/23.jpg)
23
– Drawback:• The ciphertext has the same letter frequency
as the original plaintext.• Guessing the number of columns and some
probable words in the plaintext holds the key.
![Page 24: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/24.jpg)
24
Some Important Issues
• Security of the scheme– Depends entirely on the secrecy of the key. – Does not depend on the secrecy of the algorithm.
(Has to be public for criticism!)• So, the assumptions that we make:
– Algorithms for encryption/decryption are known to the public.
– Keys used are kept secret.
![Page 25: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/25.jpg)
25
What is meant by What is meant by ““Security lies in the KeysSecurity lies in the Keys””
2.15 milliseconds232 = 4.3 x 10932
5.9 x 1030 years2168 = 3.7 x 1050168
5.4 x 1018 years2128 = 3.4 x 1038128
10 hours256 = 7.2 x 101656
Time required at 106
decryptions / µsNumber of
Alternative KeysKey Size
(bits)
![Page 26: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/26.jpg)
26
Practical Encryption Algorithms
• Data Encryption Standard (DES)– Block size is 64 bits.– Key is 56 bits.
• IDEA– Block size is 64 bits.– Key size is 128 bits.
• Advanced Encryption Standard (AES)– Also known as Rijndael cryptosystem.– Block size can be 128, 192, or 256 bits.– Key size can be 128, 192, or 256 bits.
![Page 27: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/27.jpg)
27
Block Encryption Algorithms
• Data Encryption Standard (DES)– The most widely used encryption scheme.– Known as the Data Encryption Algorithm (DEA).– It is a block cipher.
• The plaintext is 64-bits in length.• The key is 56-bits in length.• Longer plaintexts are processed in 64-bit blocks.
![Page 28: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/28.jpg)
28
Initial Permutation
Round 1
Round 2
Round 16
32-bit Swap
Reverse InversePermutation
Permuted Choice 2
Permuted Choice 2
Permuted Choice 2
Permuted Choice 1
Left circular shift
Left circular shift
Left circular shift
P (64-bit)
C (64-bit)
K (56-bit)
General Schematicof DES Algorithm
K16
K1
K2
![Page 29: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/29.jpg)
29
Single Iteration of DES Algorithm
![Page 30: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/30.jpg)
30
DES
• The overall processing at each iteration:Li = Ri-1
Ri = Li-1 ⊕ F(Ri-1, Ki)
• Concerns about:– The algorithm and the key length (56-bits).– Longer key lengths essential for critical
applications.
Fiestel Structure
![Page 31: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/31.jpg)
31
Problems with DES
• 56-bit key size considered to be too small for providing acceptable level of security for most applications.
• Broken by various cryptanalysis groups.
![Page 32: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/32.jpg)
32
Hence, Triple DES!• Use three keys and three executions of
the DES algorithm (encrypt-decrypt-encrypt).
C = EK3 [DK2 [EK1 [P]]]
– C = ciphertext– P = Plaintext– EK[X] = encryption of X using key K– DK[Y] = decryption of Y using key K
• Effective key length of 168 bits.
![Page 33: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/33.jpg)
33
Triple DES: Illustration
E D E
D E D
P
P
C
C
K1
K1
K2
K2
K3
K3
X Y
Y X
![Page 34: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/34.jpg)
34
Some Points to Observe
• Key distribution problem of secret key systems:– Establish key before communication.– Need n(n-1)/2 keys with n different parties.
A
B E
DC
![Page 35: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/35.jpg)
35
Key Distribution
• Two parties A and B trying to communicate.– A key could be selected by A and physically
delivered to B.– A third party could select the key and physically
deliver it to both A and B.– If A and B have previously used a key, one party
could transmit the new key to the other, encrypted using the old key.
– If A and B each have an encrypted connection to a third party C, C could deliver a key on the encrypted links to A and B.
![Page 36: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/36.jpg)
36
Key Distribution (contd.)
• Session key:– Data encrypted with a one-time session key.– At the conclusion of the session the key is
destroyed.• Permanent key:
– Used between entities for the purpose of distributing session keys.
![Page 37: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/37.jpg)
37
Public Key Cryptography
![Page 38: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/38.jpg)
38
Basic Concept
• Uses two keys for every simplex logical communication link.
a) Public keyb) Private key
• Every communication node will have a pair of keys.– For n number of nodes, total number of keys
required is 2n.
![Page 39: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/39.jpg)
39
Encryption using Public Key System
EncryptionAlgorithm
Decryption Algorithm
PlaintextP
PlaintextP
Ciphertext C
A B
B’s public key KUB B’s private key KRB
![Page 40: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/40.jpg)
40
Authentication using Public Key System
EncryptionAlgorithm
Decryption Algorithm
PlaintextP
PlaintextP
Ciphertext C
A B
A’s private key KRA A’s public key KUA
![Page 41: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/41.jpg)
41
Applications
• Three categories:a) Encryption/decryption:
• The sender encrypts a message with the recipient’s public key.
b) Digital signature / authentication: • The sender signs a message with its private key.
c) Key exchange: • Two sides cooperate to exhange a session key.
![Page 42: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/42.jpg)
42
Requirements
• Computationally easy for a party B to generate a key pair– Public key KUB
– Private key KRB
• Easy for sender to generate ciphertext: C = E (M, KUB)
• Easy for the receiver to decrypt ciphertext using private key:
M = D (C, KRB) = D (E (M, KUB), KRB)
![Page 43: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/43.jpg)
43
• Computationally infeasible to determine KRB knowing KUB.
• Computationally infeasible to recover message M, knowing KUB and ciphertext C.
• Either of the two keys can be used for encryption, with the other used for decryption:
M = D (E (M, KUB), KRB) = D (E (M, KRB), KUB)
![Page 44: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/44.jpg)
44
The RSA Public Key Algorithm
• RSA Algorithm– Developed by Ron Rivest, Adi Shamir and Len
Adleman at MIT, in 1977.– A block cipher.– The most widely implemented.
![Page 45: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/45.jpg)
45
The RSA Algorithm – Key Generation
1. Select p,q p and q both prime2. Calculate n = p x q3. Calculate 4. Select integer e5. Calculate d6. Public Key KU = {e,n}7. Private key KR = {d,n}
)1)(1()( −−=Φ qpn)(1;1)),(gcd( neen Φ<<=Φ
)(mod1 ned Φ= −
φ(n) is the number of positive numbers less than nand relatively prime to n (called Euler totient).
![Page 46: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/46.jpg)
46
The RSA Algorithm - Encryption
• Plaintext: M < n
• Ciphertext: C = Me (mod n)
![Page 47: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/47.jpg)
47
The RSA Algorithm - Decryption
• Ciphertext: C
• Plaintext: M = Cd (mod n)
![Page 48: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/48.jpg)
48
Example
• Select two prime numbers, p=7 and q=17.• Calculate n = pq = 7×17 = 119.• Calculate φ(n) = (p-1)(q-1) = 96.• Select e such that e is relatively prime to φ(n)=96,
and less than φ(n).– In this case, e=5.
• Determine d such that de = 1 (mod 96) and d<96.– d=77, because 77×5 = 385 = 4×96+1.
• Public key KU = {5,119}• Private key KR = {77,119}
![Page 49: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/49.jpg)
49
Example (contd.)
![Page 50: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/50.jpg)
50
The Security of RSA
• RSA is secure since– We use large number of bits in e and d.– The problem of factoring n into two prime factors is
computationally very difficult.• Knowing p and q will allow us to know Φ(n).• This will help an intruder to know the values of e and d.• Until recently, this was felt to be infeasible for numbers in the
range of 100 decimal digits or so (approximately 300 bits).• A worldwide team cooperating over the internet and using
1600 computers recently cracked the code in eight months.• Currently, a 1024-bit key size (about 300 decimal digits) is
considered strong enough for virtually all applications.– Key sizes in the range of 1024 to 2048 bits seems safe.
![Page 51: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/51.jpg)
51
Private and Public Key Systems: a Comparison
• Symmetric encryption/decryption is much faster than asymmetric encryption/ decryption:
RSA: kilobits/secondDES: megabits/second
⇓DES is about 100 times faster than RSA
![Page 52: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/52.jpg)
52
Diffie-Hellman Key Exchange
• Proposed in 1976.• Allows group of users to agree on secret
key over insecure channel.• Cannot be used to encrypt and decrypt
messages.• Depends for its effectiveness on the
difficulty of computing discrete logarithms.
![Page 53: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/53.jpg)
53
D-H Algorithm
• A and B want to agree on shared secret key.– They agree on two large numbers n and g, such
that 1<g<n.– A choose random x, computes X=gx mod n, and
sends X to B.– B chooses random y, computes Y=gy mod n, and
sends Y to A.– A computes k1= Yx mod n .– B computes k2= Xy mod n .
• Note: k1 = k2 = gyx mod n .
![Page 54: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/54.jpg)
54
B
X=gx mod n
Y=gy mod n
Choose x Choose y
Compute Yx mod n Compute Xy mod n
A
![Page 55: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/55.jpg)
55
D-H Algorithm: contd.
• Requires no prior communication between A and B.
• Security depends on difficulty of computing x, given X = gx mod n .
• Choices for g and n are critical.– Both n and (n-1)/2 should be prime.– n should be large.
• Susceptible to intruder-in-the-middle (man-in-the-middle) attack.– Active intruder.
![Page 56: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/56.jpg)
56
A B
Intruder
Man-in-the-Middle Attack
![Page 57: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/57.jpg)
57
A Comparison• Symmetric encryption/decryption is much
faster than asymmetric encryption/ decryption:
RSA: kilobits/secondDES: megabits/second
⇓DES is about 100 times faster than RSA
• Key size:– RSA: selected by user– DES: 56 bits
![Page 58: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/58.jpg)
58
Message Authenticationand
Hash Functions
![Page 59: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/59.jpg)
59
Approaches to Message Authentication
• Authentication using conventional encryption– Only the sender and receiver should share a key.
• Message authentication without message encryption– An authentication tag is generated and appended to
each message.• Message authentication code (MAC)
– Calculate the MAC as a function of the message and the key
MAC = F(M, K)
![Page 60: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/60.jpg)
60
Basic Idea of MAC
• Generate a small hash code (usually of fixed size) from a message of arbitrary size.– Transmit the hash code along with the message.– Common algorithms: MD5, SHA-0, SHA-1.
M
H MAC
M
MAC
![Page 61: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/61.jpg)
61
![Page 62: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/62.jpg)
62
Hash Functions: Classification
• Unkeyed hash function– Also known as modification detection code (MDC).– Used to preserve integrity of message.
• Keyed hash function– Also known as message authentication code (MAC)– Used to authenticate the source of a message in
addition to preserving integrity of the message.
![Page 63: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/63.jpg)
63
Hash Functions: Desirable Properties
• Collision: – A hash function H maps an infinite set to a finite
one.– So there must exist messages x and x′ such that
H(x) = H(x′). Such a pair (x,x′) of messages is called a collision for H.
• First preimage resistance: – Except for few hash values y, it should be difficult
to find a message x such that H(x) = y.
![Page 64: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/64.jpg)
64
• Second preimage resistance: – Given a message x, it should be difficult to find
another message x′ with the property that H(x) = H(x′).
• Collision resistance: – It should be difficult to find two messages x and x′
with H(x) = H(x′).
![Page 65: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/65.jpg)
65
Secure HASH Functions
• Purpose of the HASH function is to produce a fingerprint.
• Desirable properties of a HASH function H:– H can be applied to a block of data at any size.– H produces a fixed length output.– H(x) is easy to compute for any given x.– For any given block x, it is computationally infeasible to find
x such that H(x) = h.– For any given block x, it is computationally infeasible to find
some y, with H(y) = H(x), x ≠ y.– It is computationally infeasible to find any pair (x, y) such
that H(x) = H(y), x ≠ y.
![Page 66: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/66.jpg)
66
Hash Functions: Examples
• Custom-designed hash functions work based on the general principle described earlier.
• The MD family: MD2, MD4 and MD5 (128-bit hash).
• The SHA family: SHA-1 (160-bit), SHA-256 (256-bit), SHA-384 (384-bit) and SHA-512 (512-bit).
• RIPEMD-128 (128-bit), RIPEMD-160 (160-bit).
![Page 67: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/67.jpg)
67
One-way HASH function
![Page 68: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/68.jpg)
68
One-way HASH function
• Secret value is added before the hash and removed before transmission.
![Page 69: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/69.jpg)
69
Message Digest Generation Using SHA-1
![Page 70: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/70.jpg)
70
SHA-1 Processing of single 512-Bit Block
![Page 71: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/71.jpg)
71
Other Secure HASH functions
160 (5 paired rounds of 16)
64 (4 rounds of 16)
80 (4 rounds of 20)
Number of steps
264-1 bitsMaximum message size
512 bits512 bits512 bitsBasic unit of processing
160 bits128 bits160 bitsDigest length
RIPEMD-160MD5SHA-1
∞ ∞
![Page 72: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/72.jpg)
72
HMAC
• Use a MAC derived from a cryptographic hash code, such as SHA-1.
• Motivations:– Cryptographic hash functions executes faster in
software than encryption algorithms such as DES.– Library code for cryptographic hash functions is
widely available.– No export restrictions from the US.
![Page 73: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/73.jpg)
73
• HMAC (a keyed hash function)• Notations:
M = the message to be hashedH = an unkeyed hash functionK = key for HMACP,Q = short padding blocks (not secret).
HMAC(M) = H (K || P || H (K || Q || M))
• HMAC involves two calls of H.• HMAC is efficient, since the outer call involves
computation of hash of a short message.
![Page 74: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/74.jpg)
74
HMAC Structure
![Page 75: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/75.jpg)
75
Hash Function: Attacks
• Birthday attack: – Let H be a hash function that produce n-bit hash values. If
about 2n/2 random messages are hashed by H, then it is highly probable that we have found two messages x and x′satisfying H(x) = H(x′).
– The bit-size n of hash values should be at least as large as 128. The values greater than or equal to 160 are recommended.
• Other attacks:– Attacks on the compression function– Chaining attacks– Attacks on the underlying block cipher
![Page 76: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/76.jpg)
76
Digital Signatures
![Page 77: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/77.jpg)
77
Digital Signatures: Introduction
• Digital equivalent of hand-written signatures.• Bind pieces of digital data with particular entities.• Based on public-key technology.• Signing:
– The signer uses his private key ‘d’ to sign.• Difficulty of forging:
– An entity without knowledge of this private key ‘d’cannot generate a valid signature on a new piece of data.
![Page 78: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/78.jpg)
78
• Verifying: – Anybody having access to the signer’s public key
‘e’ can verify the signature.• Non-repudiation:
– An entity should not be allowed to deny valid signatures made by him.
![Page 79: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/79.jpg)
79
Digital Signatures: Classification
• Signature with appendix:– A representative H(M) of the message M is computed. The
signing transformation is applied on H(M). Verification requires the message M.
– Signature generation:• m = H(M)
s = fs(m,d)Output the signed message (M,s).
– Signature verification:• Compute m = H(M)
Compute m′ = fv(s,e)If (m=m′) output “signature verified” else output “signature not verified”
![Page 80: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/80.jpg)
80
• Signature with message recovery: – The signing transformation is applied to the message itself.
The verification transformation retrieves the message.– Signature generation:
• Compute the signature s = fs(M,d)– Signature verification:
• Recover the message M′ = fv(s,e)If M′ looks like a valid message,
output “signature verified”else
output “signature not verified”
![Page 81: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/81.jpg)
81
Digital Signatures: Classification
• Deterministic signatures: – For a given message the same signature is generated on
every occasion the signing algorithm is executed.• Probabilistic signatures:
– On different runs of the signing algorithm different signatures are generated, even if the message remains the same.
• Probabilistic signatures offer better protection against some kinds of forgery.
• Deterministic signatures are of two types:– Multiple-use signatures:
• Slow. Parameters are used multiple times.– One-time signatures:
• Fast. Parameters are used only once.
![Page 82: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/82.jpg)
82
Digital Signatures: Examples
• RSA with appendix
– Parameter selection:• Select two large primes p and q.
Compute n = pq and f(n) = (p - 1)(q - 1).Select a random integer e with gcd(e,f(n)) = 1.Compute an integer d satisfying ed = 1 (mod f(n)).
Publish (e,n) as the verification key.Keep d secret as the signing key.
![Page 83: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/83.jpg)
83
• Signature generation:– Generate the short representative m = H(M) of M.
Sign m as s = md (mod n).Output (M,s) as the signed message.
• Signature verification:– Generate the short representative m = H(M) of M.
Invert signature as m’ = se (mod n).If (m = m’), output “signature verified”,else output “signature not verified”.
• Forging: – If any key other than d is used to sign m, the equality m = m’ will
not be satisfied. So forging RSA signatures is as difficult as knowing d.
![Page 84: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/84.jpg)
84
Digital Signatures: Examples
• RSA with message recovery– Parameter selection: Same as before.
• Signature generation:– Compute s = Md (mod n).
Output the signature s.• Signature verification:
– Compute M’ = se (mod n).If M’ is a valid message, output “signature verified”,else output “signature not verified”.
• Forging:– If any key other than d is used to generate s, the recovered
message M’ will almost certainly look like a meaningless sequence of symbols.
![Page 85: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/85.jpg)
85
Digital Signatures: Blind Signatures
• The signer is not allowed to know the message to sign. Still hisactive participation is necessary for signing.
• Blind RSA signature:
Parameter generation: As before.
Signature generation:
– A generates a random integer k coprime to n.A blinds m as m* = mke (mod n).B signs s* = (m*)d (mod n).A retrieves B’s signature s = s*k-1 (mod n).
• Signature verification: As before.
![Page 86: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/86.jpg)
86
Digital Signatures: Undeniable Signatures
• An active participation of the signer is necessary during signature verification.
• A signer is not allowed to deny a legitimate signature made by him.
• An undeniable signature comes with a denial or disavowal protocol that generates one of the following three outputs:– Signature verified– Signature forged– The signer is trying to deny his signature by not properly
participating in the protocol.
![Page 87: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/87.jpg)
87
Digital Signatures: Attacks
• Total break: – An attacker knows the signing key or has a
function that is equivalent to the signature generation transformation.
• Selective forgery: – An attacker can generate signatures (without the
participation of the legitimate signer) on a set of messages chosen by the attacker.
• Existential forgery: – The attacker can generate signatures on certain
messages over which the attacker has no control.
![Page 88: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/88.jpg)
88
Digital Signatures: Attacks
• Key-only attack: – The attacker knows only the verification (public)
key of the signer. This is the most difficult attack to mount.
• Known-message attack: – The attacker knows some messages and the
signatures of the signer on these messages.• Chosen-message attack:
– This is similar to the known-message attack except that the messages for which the signatures are known are chosen by the attacker.
![Page 89: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/89.jpg)
89
• Adaptive chosen-message attack: – The messages to be signed are adaptively chosen
by the attacker.
![Page 90: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/90.jpg)
90
Digital Certificates
![Page 91: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/91.jpg)
91
Digital Certificates: Introduction
• Bind public-keys to entities.• Required to establish the authenticity of public keys.• Guard against malicious public keys.• Promote confidence in using others’ public keys.• Require a Certification Authority (CA) whom every
entity over a network can believe. Typically, a government organization or a reputed company can be a CA.
• In case a certificate is compromised, one requires to revoke it.
• A revoked certificate cannot be used to establish the authenticity of a public key.
![Page 92: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/92.jpg)
92
Digital Certificates: Contents
• A digital certificate contains particulars about the entity whose public key is to be embedded in the certificate. It contains:– Name, address and other personal details of the entity.– The public key of the entity. The key pair may be
generated by either the entity or the CA. If the CA generates the key pair, then the private key is handed over to the entity by trusted couriers.
• The certificate is digitally signed by the private key of the CA.
• If signatures are not forgeable, nobody other than the CA can generate a valid certificate for an entity.
![Page 93: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/93.jpg)
93
Digital Certificates: Revocation
• A certificate may become invalid due to several reasons:– Expiry of the certificate– Possible or suspected compromise of the entity’s private
key• An invalid certificate is revoked by the CA.• The CA maintains a list of revoked certificates — the
Certificate Revocation List (CRL).• An entity A willing to use B’s public key looks up the
certificate for B’s public key. If the CA’s signature is verified on this certificate and if the certificate is not found in the CRL, then A gains the desired confidence to use B’s public key.
![Page 94: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/94.jpg)
94
Network Security Principles in Use
![Page 95: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/95.jpg)
95
Authentication Application:: KERBEROS
• Users wish to access services on servers.• Three threats exist:
– User pretend to be another user.– User alter the network address of a computer.– User eavesdrop on exchanges and use a replay
attack.
![Page 96: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/96.jpg)
96
• Provides a centralized authentication server (AS) to authenticate users to servers and servers to users.
• Relies on conventional encryption.– Makes no use of public-key encryption.
• Two versions: version 4 and 5.• Version 4 makes use of DES.
![Page 97: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/97.jpg)
97
![Page 98: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/98.jpg)
98
Electronic Mail Security:: Pretty Good Privacy (PGP)
• PGP provides a confidentiality and authentication service that can be used for electronic mail and file storage applications.
• Why popular?– It is available free on a variety of platforms.– Based on well known algorithms.– Wide range of applicability.
![Page 99: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/99.jpg)
99
• Summary of PGP services:
Radix-64 ConversionEmail Compatibility
ZIPCompression
CAST or IDEA or 3-key Triple DES with Diffie-Hellman or RSA
Message Encryption
DSS/SHA or RSA/SHA
Digital Signature
Algorithm UsedFunction
![Page 100: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/100.jpg)
100
Authentication Only Service
MH EP || Z
KRA
Z-1M
DP
KUA
H
=?
Sour
ce A
Des
tinat
ion
B
![Page 101: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/101.jpg)
101
Confidentiality Only Service
MZ EC ||
EP
KUB
KS
DP
KRB
DC Z-1M
KS
Sour
ce A
Des
tinat
ion
B
![Page 102: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/102.jpg)
102
PGP Cryptographic Functions
![Page 103: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/103.jpg)
103
Secure Socket Layer (SSL)
• SSL was first used by Netscape.– To ensure security of data sent through HTTP,
LDAP or POP3.• Uses TCP to provide reliable end-to-end
secure service.• In general, SSL can be used for secure data
transfer for any network service running over TCP/IP.
![Page 104: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/104.jpg)
104
HTTP LDAP POP3
SSL
TCP/IP
Application Layer
Network Layer
![Page 105: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/105.jpg)
105
• The main objectives of SSL are:– Authenticate the client and server to each other.– Ensure data integrity.– Ensure data privacy.
• Required for both the protocol data and also the application data.
![Page 106: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/106.jpg)
106
SSL Architecture
• SSL consists of two layers of protocols:– SSL Record Protocol
• Ensures data security and integrity.– Protocols required to establish SSL connection.
• Three protocols used in this layer: SSL Handshake ProtocolSSL ChangeCipherSpec ProtocolSSL Alert Protocol
![Page 107: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/107.jpg)
107
SSL Handshake
Protocol
SSL ChangeCipherSpec
Protocol
SSL Alert
Protocol
Application Protocol
(HTTP, etc.)
SSL Record Protocol
TCP
IP
![Page 108: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/108.jpg)
108
SSL Record Protocol
• Mainly responsible for data encryption and integrity.
• Basic function:– Take an application message to be sent.– Fragment the application message data.
• 16 Kbytes or smaller.– Encapsulate it with appropriate headers and
create an object called a record.– Encrypt the record and forward it to TCP.
![Page 109: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/109.jpg)
109
Application Data
Fragments
Compressed data
Add MACMAC
Encrypt data
HTCP packetH: SSL record
header
![Page 110: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/110.jpg)
110
The Higher Layer Protocols
• SSL Alert Protocol– Used to send session messages associated with
data exchange and functioning of the protocol.– Each message consists of two bytes:
• First byte is either 1 (warning) or 2 (fatal). If “fatal”, the SSL session is terminated.
• Second byte contains one of the defined error codes.
![Page 111: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/111.jpg)
111
• SSL ChangeCipherSpec Protocol– Consists of a single message that carries the
value of 1.– Purpose of this message is to cause the pending
session state to be established as a fixed state.• Define the set of protocols to be used.• Must be sent from client to server, and vice versa.
![Page 112: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/112.jpg)
112
• SSL Handshake Protocol– Used to initiate a session between the server and
the client.– Within the application data, algorithms and keys
used for data encryption can be negotiated.– Provides mutual authentication.– Process of negotiation divided into four phases.
![Page 113: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/113.jpg)
113
– Client sends to the server• SSL version• Random (used to protect key exchange)• Session ID• CipherSuite
– Server sends back• SSL version• Random (a different number is generated)• Session ID• CipherSuite
![Page 114: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/114.jpg)
114
Transport Layer Security (TLS)
• Extension of SSL.• Aim is to provide security and data integrity
features at the transport layer between two web applications.
• Supported my most web servers and browsers today.
![Page 115: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/115.jpg)
115
Secure Shell (SSH)
• Originally developed in 1995.– As a secure replacement for telnet, rlogin, rcp,
etc.– Allows port forwarding (tunneling over SSH).– Built-in support for proxies/firewalls.
• Widely used nowadays.
![Page 116: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/116.jpg)
116
• In SSHv1 protocol, the server uses two keys:– Long-term server identification key.
• Binds the connection to the server.• 1024 bit RSA.
– Short-term encryption key, changed every hour.• Makes later recovery impossible.• Short-term keys are regenerated as a background task.• 768 bit RSA.
![Page 117: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/117.jpg)
117
• Multiple authentication mechanisms– Straight passwords (protected by SSH encryption).– RSA based authentication.
• Client decrypts a challenge from the server; returns the hash to the server.
– Plug-in mechanisms (biometrics, smartcard, etc.).
![Page 118: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/118.jpg)
118
IP Security (IPSec)
• Security built into the IP layer.– Provides host-to-host (or firewall-to-firewall)
encryption and authentication.– Required for IPv6, but optional for IPv4.
• Consists of two parts:– IPSec proper (for encryption and authentication).– IPSec key management.
![Page 119: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/119.jpg)
119
IPSec
• Provides two modes of protection– Tunnel Mode– Transport Mode
• Authentication and Integrity• Confidentiality• Replay Protection
![Page 120: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/120.jpg)
120
• Protection in Tunnel Mode– Encapsulates the entire IP packet within IPSec
protection.– Tunnels can be created between several different
node types:• Firewall to firewall• Host to firewall• Host to host
![Page 121: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/121.jpg)
121
• Protection in Transport Mode– Encapsulates only the transport layer information
within IPSec protection.– Can only be created between host nodes.
• Authentication and Integrity– Verifies the origin of data.– Assures that data sent is the data received.– Assures that the network headers have not
changed since the data was sent.
![Page 122: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/122.jpg)
122
• Confidentiality– Encrypts data to protect against eavesdropping.– Can hide data source when encryption is used
over a tunnel.• Replay Prevention
– Causes transmitted packets to be dropped.
![Page 123: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/123.jpg)
123
• Problems with IPSec– Excessively complex and difficult to use.– Does now allow use of NAT.– Routers need to be made IPSec aware.
![Page 124: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/124.jpg)
124
Secure HTTP (S-HTTP)
• An extension to the HTTP protocol to support sending data securely over the web.
• Difference from SSL:– SSL is designed to establish a secure connection
between two hosts.– s-HTTP is designed to send individual messages
securely.
![Page 125: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/125.jpg)
125
• Some Features:– Provides a variety of security mechanisms to HTTP
clients and servers.– Does not require client-side public certificates (or
public keys), as it supports symmetric key-only operation modes.
– Provides full flexibility of cryptographic algorithms.• s-HTTP and HTTPS are not the same.• HTTPS is an alternative to s-HTTP.
– HTTP runs on top of SSL or TSL.
![Page 126: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/126.jpg)
126
Penetration Testing and Ethical Hacking
![Page 127: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/127.jpg)
127
What is a Penetration Test?
• A process of actively evaluating the information security measures in an organization.
• Most common procedure:– The security measures are actively analyzed for
design weaknesses, technical flaws and vulnerabilities.
– Results are delivered in a comprehensive report.
![Page 128: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/128.jpg)
128
Ethical Hacking ….
• Definition of ethical hacking– A situation where a computer and network expert
attacks a security system on behalf of its owners, seeking vulnerabilities that a malicious hacker could exploit.
– To test a security system, ethical hacking uses the same methods as their less principled counterparts (hackers), but report problems instead of taking advantage of them.
• Also called penetration testing.
![Page 129: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/129.jpg)
129
Why is it Required?
• There are several reasons why organizations choose to perform a penetration test.– To identify the threats facing the information
assets of the organization.– Reduce the IT security costs by identifying and
resolving vulnerabilities and weaknesses.– Provide the organization with information
assurance.– Gain and maintain certification to an industry
regulation (BS7789, HIPAA, etc.).
![Page 130: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/130.jpg)
130
Types of Tests
1. External Penetration Testing– This is the traditional approach.– The testing is focused on servers, infrastructure,
and the underlying software (OS, database, etc.).– Two broad approaches:
• Black box testing: performed with no prior knowledge of the infrastructure to be tested.
• White box testing: performed with full disclosure of the topology and the environment.
![Page 131: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/131.jpg)
131
– This basically involves the following:• Comprehensive analysis of publicly available
information about the target.• Identification and analysis of the target hosts.• Analysis of the behavior of security devices like
screening routers and firewalls.• Identification and analysis of the vulnerabilities within
the target hosts.
![Page 132: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/132.jpg)
132
2. Internal Penetration Testing– Follows a methodology similar to external
testing.– Provides a more complete view of the site
security.– Testing is typically carried out from a number of
network access points, representing each logical and physical segment.• Can include DMZ, VPNs, subnets, etc.
![Page 133: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/133.jpg)
133
3. Application Security Assessment– To identify and assess threats to the organization
through proprietary applications or systems.– The application must not expose the underlying
servers and software to attack.– A malicious user should not be able to access,
modify, or destroy data or services within the system.
– Even in a well-deployed and secured infrastructure, a weak application can expose the organization’s assets to risk.
![Page 134: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/134.jpg)
134
4. Remote Access Security Assessment– This addresses the security risks associated
with an increasingly mobile workforce.• Working from home• Broadband always-on Internet access• 802.11 wireless networking
– Increased exposure by extending the traditional perimeter of the organization.
![Page 135: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/135.jpg)
135
Some of the Typical Areas
• Network Security– Network surveying– Port scanning– System identification– Services identification– Router testing– Firewall testing– Intrusion detection system testing– Trusted systems testing– Password cracking– Denial of service testing
![Page 136: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/136.jpg)
136
• Wireless Security– Wireless networks testing– WEP security testing– Infrared systems testing– Cordless communications testing
Other areas include “Information Security”, “Social Engineering”, “Physical Security”, etc.
![Page 137: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/137.jpg)
137
About the Tools to be Used
• Tools are essential for automating the penetration testing process.
• Where to find the tools?– A number of commercial tools are available.
• They work by using sets of thousands of pre-defined signatures that can identify vulnerabilities in a system.
• Signatures need to be updated on a regular basis.– Open-source tools that are freely available.
• Also called “hacker tools”, and are often made available on “hacker” web sites.
![Page 138: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/138.jpg)
138
• May range from very professionally developed and maintained tools, to poorly documented scripts meant to perform specific tasks.
• Special care must be taken to ensure that the tools themselves do not contain virus or any other malicious contents.
– Specialist penetration testing providers can develop their own tools.
• Because available tools are mostly incomplete, and multiple tools need to be used.
• Many vulnerabilities are not covered by them.
![Page 139: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/139.jpg)
139
Hacker Web SItes
• Some pointers …. there are many many morehttp://www.hackthissite.org/http://www.happyhacker.org/http://www.2600.com/http://hackaday.com/
![Page 140: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/140.jpg)
140
![Page 141: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/141.jpg)
141
![Page 142: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/142.jpg)
142
![Page 143: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/143.jpg)
143
![Page 144: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/144.jpg)
144
References
1. Cryptography and Network Security: Principles and Practice, 2nd
Edition, William Stallings, Prentice Hall, New Jersey, 1999.2. Network Security Essentials: Applications and Standards, William
Stallings, Pearson Education Asia, 2000.3. Applied Cryptography, B. Schneier, Wiley, New York, 1996.4. Internet Cryptography, R. Smith, Addison Wesley, MA, 1997.5. Handbook of Applied Cryptography, A.J. Menezes, et al.
http://www.cacr.math.uwaterloo.ca/hac/6. Journals
– IEEE Transactions on Information Theory– Computer Security– Communications of the ACM– IEEE Communications Magazine– Computer Communications Review
7. The Internet
![Page 145: Network Security - IITKGP](https://reader031.vdocument.in/reader031/viewer/2022012506/6181d3659d20530a525f2c9c/html5/thumbnails/145.jpg)
145