OverviewOverview
Security servicesSecurity services Security threatsSecurity threats EncryptionEncryption Conventional encryptionConventional encryption Conventional encryption algorithmsConventional encryption algorithms Public key encryptionPublic key encryption Public key encryption algorithmsPublic key encryption algorithms Message authenticationMessage authentication IPv4 and IPv6 securityIPv4 and IPv6 security
Security ServicesSecurity Services
ConfidentialityConfidentiality IntegrityIntegrity AuthenticationAuthentication Access controlAccess control Non-repudiationNon-repudiation AvailabilityAvailability
Security threatsSecurity threatsInformation source
Information destination
a) Normal flow
b) Interruption c) Interception
d) Modification e) Fabrication
Security threatsSecurity threats
Interruption – attack on availabilityInterruption – attack on availability Interception – attack on Interception – attack on
confidentialityconfidentiality Modification – attack on integrityModification – attack on integrity Fabrication – attack on authenticityFabrication – attack on authenticity
Security threatsSecurity threats Passive attacks – eavesdropping on or Passive attacks – eavesdropping on or
monitoring of transmissionsmonitoring of transmissions Release of message contentsRelease of message contents Traffic analysisTraffic analysis
Active attacks – modification of the data Active attacks – modification of the data stream or creation of a false streamstream or creation of a false stream MasqueradeMasquerade ReplayReplay Modification of messageModification of message Denial of serviceDenial of service
EncryptionEncryption
Encryption = the tool used for Encryption = the tool used for network and communication securitynetwork and communication security
It protects against passive attacksIt protects against passive attacks
Types:Types: Conventional encryptionConventional encryption Public-key encryptionPublic-key encryption Hybrid of the precedent onesHybrid of the precedent ones
Conventional EncryptionConventional Encryption
Two parties share a single Two parties share a single encryption/decryption keyencryption/decryption key
Encryption algorithm(e.g. DES)
Decryption algorithm
Plaintext input
Secret key Secret key
Plaintext output
Transmittedciphertext
Conventional Conventional encryptionencryption
Approaches to attacking a Approaches to attacking a conventional encryption scheme:conventional encryption scheme: Cryptanalysis – relies on the nature of the Cryptanalysis – relies on the nature of the
algorithms and some plaintext-ciphertext algorithms and some plaintext-ciphertext pairspairs
Brute-force attacks – try every possible keyBrute-force attacks – try every possible key
Time for key searchTime for key search
Key size (bits)
Number of alternative keys
Time required at1 encryption/sec
Time required at106 encryptions/sec
32 232 = 4.3x109 231 sec = 35.8 mins 2.15 millisecs56 256 = 7.2x1016 1142 years 10.01 hours128 3.4x1038 5.4x1024 years 5.4x1018 years
Conventional encryption Conventional encryption algorithmsalgorithms
Block ciphers – process the plaintext Block ciphers – process the plaintext input in fixed-size blocks and input in fixed-size blocks and produce a block of ciphertext of produce a block of ciphertext of equal size for each plaintext blockequal size for each plaintext block
It is symmetricIt is symmetric DES (Data encryption standard)DES (Data encryption standard)
DEA (Data encryption algorithm)DEA (Data encryption algorithm) TDEA (Triple data encryption algorithm)TDEA (Triple data encryption algorithm)
AES (Advanced encryption standard)AES (Advanced encryption standard)
DEADEA DES was developed by NISTDES was developed by NIST DEA key size is 56 bits and the blocks are of 64 bitsDEA key size is 56 bits and the blocks are of 64 bits Since 1977, every 5 years, NIST approved DES for useSince 1977, every 5 years, NIST approved DES for use In 1997, NIST solicited a new secret key algorithm In 1997, NIST solicited a new secret key algorithm
called Advanced Encryption Standard (it uses 128-bit called Advanced Encryption Standard (it uses 128-bit block size and a key length of minimum 128 bits)block size and a key length of minimum 128 bits)
In 1998 EFF (Electronic Frontier Foundation) In 1998 EFF (Electronic Frontier Foundation) announced that it had broken DESannounced that it had broken DES
In October 2000, successor to DES was selected and it In October 2000, successor to DES was selected and it was called Rijndaelwas called Rijndael
Double and triple DES is also commonDouble and triple DES is also common Triple DEA uses 3 keys and 3 executions of DEA:Triple DEA uses 3 keys and 3 executions of DEA: C = EC = Ek3k3[D[Dk2k2[E[Ek1k1[P]]][P]]] Its key length is of 168 bitsIts key length is of 168 bits
Location of encryption Location of encryption devicesdevices
Link encryptionLink encryption Decrypt each packet Decrypt each packet
at every switchat every switch End-to-end End-to-end
encryption encryption the source encrypts the source encrypts
and the destination and the destination decryptsdecrypts
HybridHybrid Both link and end-Both link and end-
to-end are neededto-end are needed High securityHigh security
Key distributionKey distributionFor encryption to work over a network, the twoFor encryption to work over a network, the twoparties (sender and receiver) must exchange andparties (sender and receiver) must exchange andshare the same keys, while protecting access to share the same keys, while protecting access to
thethekeys from others.keys from others. A key could be selected by A and physically A key could be selected by A and physically
distributed to Bdistributed to B A third party could select the key and physically A third party could select the key and physically
deliver it to A and B.deliver it to A and B. If A and B have previously and recently used a key, If A and B have previously and recently used a key,
one party could transmit the new key to the other, one party could transmit the new key to the other, encrypted using the old keyencrypted using the old key
If A and B could have an encrypted connection to a If A and B could have an encrypted connection to a third party C, C could deliver a key on the encrypted third party C, C could deliver a key on the encrypted link to A and Blink to A and B
Public key encryptionPublic key encryption Public key algorithms are based on Public key algorithms are based on
mathematical function rather than on mathematical function rather than on simple operations on bit patternssimple operations on bit patterns
Public key cryptography is asymmetric, Public key cryptography is asymmetric, involving the use of two separate keysinvolving the use of two separate keys
The key ingredients are similar to that of The key ingredients are similar to that of conventional secret key algorithms, conventional secret key algorithms, except that there are two keys – a public except that there are two keys – a public key and a private key used as input to the key and a private key used as input to the encryption and the decryption algorithmencryption and the decryption algorithm
Public key encryptionPublic key encryption
Encryption algorithm(e.g. RSA)
Decryption algorithm
Plaintext input
Destination’s public key
Destination’s private key
Plaintext output
Transmittedciphertext
Public key encryptionPublic key encryption Steps:Steps:
Generation of a pair of keys to be used Generation of a pair of keys to be used for encryption and decryption of messagefor encryption and decryption of message
Placing one of the keys in a public Placing one of the keys in a public register and maintaining a collection of register and maintaining a collection of public keys from the other userspublic keys from the other users
Encrypting the message with the Encrypting the message with the destination’s public keydestination’s public key
When the destination receives the When the destination receives the message, it decrypts it with the private message, it decrypts it with the private keykey
Digital signatureDigital signature
Encryption algorithm(e.g. RSA)
Decryption algorithm
Plaintext input
Source’s private key
Source’s public key
Plaintext output
Transmittedciphertext
Safe from alteration but not safe from eavesdropping
Public key encryption Public key encryption algorithmsalgorithms
RSA – invented in 1973 by three MIT RSA – invented in 1973 by three MIT professorsprofessors
In contrast to DES, RSA uses sophisticated In contrast to DES, RSA uses sophisticated mathematics instead of simple manipulation mathematics instead of simple manipulation and substitutionand substitution
Mostly 1024 bit keys are usedMostly 1024 bit keys are used Public key encryption and decryption using Public key encryption and decryption using
RSA is 1000 times slower than secret key RSA is 1000 times slower than secret key methods using DESmethods using DES
DSA (Digital signature algorithm) – used for DSA (Digital signature algorithm) – used for digital signaturesdigital signatures
DSA was proposed by NISTDSA was proposed by NIST
Hybrid of Conventional and Hybrid of Conventional and Public key encryptionPublic key encryption
A encrypts the message using A encrypts the message using conventional encryption with a one-conventional encryption with a one-time conventional session keytime conventional session key
A encrypts the session key using A encrypts the session key using public key encryption with B’s public public key encryption with B’s public keykey
Attach the encrypted session key to Attach the encrypted session key to the message and send it to Bthe message and send it to B
Message Authentication Message Authentication and Hash functionand Hash function
It protects against active attacksIt protects against active attacks It proves that the message has not It proves that the message has not
been altered and that the source is been altered and that the source is authenticauthentic
MAC (Message Authentication Code)MAC (Message Authentication Code)M
MAC algo MAC
K
M M MAC algo
Compare
K
One-way Hash FunctionOne-way Hash Function
It accepts a variable-size message M It accepts a variable-size message M as input and produces a fixed-size as input and produces a fixed-size message digest H(M) as outputmessage digest H(M) as output
H(M) is sent with the messageH(M) is sent with the message It does not take a secret key as inputIt does not take a secret key as input The message digest can be encrypted The message digest can be encrypted
using using Conventional encryptionConventional encryption Public-key encryptionPublic-key encryption Secret valueSecret value
Message digest Message digest encrypted using encrypted using
conventional encryptionconventional encryption
M
H
E
M M H
Compare
D
K K
Message digest Message digest encrypted using public-encrypted using public-
key encryptionkey encryption
M
H
E
M M H
Compare
D
Kprivate Kpublic
Message digest Message digest encrypted using secret encrypted using secret
valuevalue
M
H
M M H
Compare
Secure Hash FunctionSecure Hash Function Requirements:Requirements:
H can be applied to a block of data of any sizeH can be applied to a block of data of any size H produces a fixed-length outputH produces a fixed-length output H(H(xx) is easy to compute for every ) is easy to compute for every xx For any given code For any given code hh, it is computationally , it is computationally
infeasible to find infeasible to find x x such that H(such that H(xx)=)=hh For any given block For any given block x, x, it is computationally it is computationally
infeasible to find infeasible to find yy!=!=x x with H(with H(yy)=H()=H(xx)) It is computationally infeasible to find any pair It is computationally infeasible to find any pair
(x,y) (x,y) s.t. H(s.t. H(xx)=H()=H(yy)) One of the most important hash function is One of the most important hash function is
SHA-1 (every bit of the hash code is a SHA-1 (every bit of the hash code is a function of every bit in the input)function of every bit in the input)
IPv4 and IPv6 securityIPv4 and IPv6 security Need to secure the network infrastructure Need to secure the network infrastructure
against unauthorized monitoring and against unauthorized monitoring and control of network traffic and the need to control of network traffic and the need to secure end-user-to-end-user traffic using secure end-user-to-end-user traffic using authentication and encryption mechanismsauthentication and encryption mechanisms
In response, IAB included authentication and In response, IAB included authentication and encryption as necessary security features in encryption as necessary security features in IPv6IPv6
IPSec provides the capability to secure IPSec provides the capability to secure communication across a LAN, across private communication across a LAN, across private and public WANs and across the Internetand public WANs and across the Internet
The principal feature of IPSec: it can encrypt The principal feature of IPSec: it can encrypt and/or authenticate and/or authenticate allall traffic at the IP level traffic at the IP level
IPv4 and IPv6 securityIPv4 and IPv6 security
IPSec’s main facilities:IPSec’s main facilities: AH (Authentication Header) – an authentication-AH (Authentication Header) – an authentication-
only functiononly function Provides support for data integrity and authentication of Provides support for data integrity and authentication of
IP packetsIP packets ESP (Encapsulating Security Payload) – a ESP (Encapsulating Security Payload) – a
combined authentication/encryption functioncombined authentication/encryption function Provides confidentiality services, including Provides confidentiality services, including
confidentiality of message contents and limited traffic confidentiality of message contents and limited traffic flow confidentialityflow confidentiality
A key exchange functionA key exchange function Manual key managementManual key management Automated key managementAutomated key management
Security associationSecurity association
It is a one-way relationship between a It is a one-way relationship between a sender and a receiver that affords sender and a receiver that affords security services to the traffic carried security services to the traffic carried on iton it
It can be identified by:It can be identified by: SPI (Security parameters index)SPI (Security parameters index) IP destination address: only unicast IP destination address: only unicast
addresses are allowedaddresses are allowed Security protocol identifier: AH or ESP SASecurity protocol identifier: AH or ESP SA
IPv4 and IPv6 securityIPv4 and IPv6 security AH and ESP support two modes of use:AH and ESP support two modes of use:
Transport modeTransport mode Provides protection primarily for upper-layer Provides protection primarily for upper-layer
protocolsprotocols Provides protection to the payload of an IP packetProvides protection to the payload of an IP packet Typically used for end-to-end communication Typically used for end-to-end communication
between hostsbetween hosts Tunnel modeTunnel mode
Provides protection to the entire IP packetProvides protection to the entire IP packet Used when one or both ends of an SA is a security Used when one or both ends of an SA is a security
gateway, such as a firewall or router that gateway, such as a firewall or router that implements IPSecimplements IPSec