Network Security
Cipher security
The security of a cipher (like a substitution cipher) may rest in the secrecy of its restricted algorithm. Whenever a user leaves a group, the algorithm must change.
Firewall restrictions
Restrict incoming and outgoing traffic by IP address, ports, or users. Block invalid packets. Concentrates security, but useless against insider attacks and has a single point of failure.
Botnet
A collection of compromised machines running programs. Used to DDoS etc.
Hash Functions
Map a message to a smaller value (hash). One way. Public description, no key.
- Compression
- Ease of computation
MD5 hash function widely used:
- Compute 128-bit message digest in 4-step process
- Arbitrary 128-bit string x, appears difficult to construct message m whose MD5 hash is equal to x
Firewall: Screened subnet
Most secure. Two packet-filtering routers are used. Creation of an isolated sub-network which cannot construct direct routes to the internet, and the internet cannot see the subnet.
Network address translation
NAT is included as part of a router and is often part of a corporate firewall. Maps:
• A local IP address to one global IP address statically
• A local IP address to any of a rotating pool of global IP addresses that a company may have
• A local IP address plus a particular TCP port to a global IP address or one in a pool of them
• A global IP address to any of a pool of local IP addresses on a round-robin basis
Users can see out, but the Internet cannot see in. Extra security measure.
Internet Key Exchange Phase 1
Negotiate protection suite by each peer agreeing on a common (shared) IKE policy. Use Diffie-Hellman to establish shared secret, unidirectional IKE SA.
Aggressive mode: 3 messages exchanged:
-> list of protection suites, Diffie-Hellman public key value, his nonce and his identity
<- selected protection suite, Diffie-Hellman public value, his nonce, his identity, and authentication payload
-> authentication payload
Main mode:
• Negotiate crypto algorithms (2 rounds)
• Alice and Bob do anonymous Diffie-Hellman key exchange (2 rounds)
• Alice sends "Alice" plus a proof that she is Alice, all encrypted using g^(ab)
Non-repudiation
Offer of evidence that a party indeed is the sender or a receiver of certain information
Confidentiality
Protection of any information from being exposed to unintended entities. Only sender, intended receiver can "understand" message (encryption -> decryption).
Data Encryption Standard (DES)
• 64-bit block size cipher
• 56-bit key size
Certificates
• Certificates ≠ Signature (certificates are implemented with sigs)
• Certificates ≠ Authentication (authentication can be implemented with certificates)
Firewall design
• Default deny: everything not expressly permitted is prohibited. Not permissive.
• Default permit: everything not expressly prohibited is permitted, sysadmin reacts to threats as discovered
Security Model
• Design an algorithm for performing the security-related transformation
• Generate the security information to be used with the algorithm
• Develop methods for the distribution and sharing of the security information
• Specify a protocol to be used by the two principals
Outbound Packet Processing
• Form ESP payload
• Pad as necessary
• Encrypt result [payload, padding, pad length, next header]
• Authenticate
• Anti replay (uses a counter that increments, with a value attached to the packet)
Asymmetric key (aka public key) Ciphers
• Pair of keys: one encrypts and another decrypts
• One key (the private key) must be kept secret; the other key (the public key) can be freely disclosed
• Slow
• Difficult key generation
Inbound Packet Processing
• Sequence number checking (number checked and duplicate packets discarded)
• Packet decryption (decrypt quantity [ESP payload, padding, pad length, next header] per SA specification)
• Authentication verification
Replay Attack
1) A → B : { Pay Eve £5 }for kabab
2) E → B : { Pay Eve £5 }for kabab
Attacker can repeat messages!
Monitor & response
Facilities for monitoring security attacks, generating indications, surviving (tolerating) and recovering from attacks.
Access control
Facilities to determine and enforce who is allowed access to what resources, hosts, software, network connections.
Firewall configurations
Firewall systems often support NAT.
Bastion Host:
- A system identified by the administrator as a critical strong point in the network's security
- The bastion host serves as a platform for an application level gateway
• Screened host dual-homed
• Screened subnet
RSA Security
- Relation to factoring
  • n = p × q
  • given n, p and q are hard to calculate (NP)
- Discrete logarithm
  • C = M^e mod n
  • given C, e, and n, M is hard to calculate (NP)
- Long keys
Public Key Infrastructure (PKI)
- Secure, reliable, and scalable method for distributing public keys.
- "Binds" the owner to the public key using a digital certificate.
PKI is a key management solution.
Authenticated Header
- Data integrity (entire packet has not been tampered with)
- Authentication (can "trust" IP address source, uses MAC to authenticate)
- Anti-replay feature
- Integrity check
BEING MADE OBSOLETE BY ESP
Password Guessing
- Dictionary attack
- Brute force
Firewall: Screened host dual-homed
- In single-homed, if the packet-filtering router is completely compromised, traffic flows directly to the private network
- In dual-homed, traffic between the Internet and other hosts on the private network has to flow through the bastion host too
Firewall: Screened host single-homed
- A packet-filtering router, only packets from and to the bastion host are allowed to pass through the router
- A bastion host performs authentication and proxy function
• Greater security than single configurations
Digital Signature Verification
- hash the data
- decrypt the signature with the sender's public key
- the result of which should match the hash
Digital Signatures
- hash the data
- encrypt the hash with the sender's private key to get a signature
- send data with the signature
Security Parameter Index
A 32-bit entry that uniquely identifies an SA at the receiver end. Sent with the packet.
Security Association
A Security Association (SA) is the establishment of shared security attributes between two network entities to support secure communication. Includes attributes such as: cryptographic algorithm and mode; traffic encryption key; and parameters for the network data. Data flows one way.
Security Association Bundle
A group of Security Associations. Can apply to a single packet.
Firewall
A mechanism that acts to restrict access to a network according to a set of defined rules. Only authorised traffic should be allowed to pass, but all traffic must be checked.
Message Authentication Code (MAC)
A message digest is created with a key. This adds security to the message digest, by requiring a secret key to be possessed by both parties in order for the receiver to validate the message. The same message and key always produce an identical authentication code.
Threat
A potential violation of security (design flaws etc)
Packet sniffing
A program running in a network-attached device that passively receives all data link-layer frames passing by a device's network adapter.
Security Policy
A statement of what is, and is not allowed.
Certificate Authority
A trusted agent who certifies public keys for general use.
- User has to decide which CAs can be trusted.
- Verifies and vouches for the identity information in a Certificate
Attack
Action that violates security. Active adversary.
Message Authentication
An authenticator, signature, or message authentication code (MAC) is sent along with the message. Authenticator comes from hash function or MAC.
Ciphertext
An encrypted message.
Diffie-Hellman key agreement protocol
Allows two users to exchange a secret key over an insecure medium without any prior secrets.
Public parameters:
- p: prime number
- g: an integer less than p, with the following property: for every number n between 1 and p-1 inclusive, there is a power k of g such that n = g^k mod p (i.e. primitive root of p)
- Based on the difficulty of computing discrete logarithm of large numbers
• the hosts next generate the public keys
• the two hosts now exchange the public keys and the exchanged numbers are converted into a secret key
Authentication
Assurance that an entity of concern or the origin of a communication is authentic. Everyone is who they say they are.
Integrity
Assurance that the information has not been tampered with.
TCP session hijacking
B initiates a connection with A and is authenticated by a malignant application on A.
CA Hierarchy
CAs usually certify each other. There is often one root CA, with many CA children.
IPSec
Confidentiality, Integrity, Data source authentication, Replay protection, Access control. Mandatory for IPv6
Passive attacks
Data Interception, Traffic Analysis. Difficult to detect.
Certificate Revocation
Key compromise, CA compromise, affiliation changed (changing DN or other attribute), superseded (replaced), cessation - no longer needed
Firewall: Stateful packet inspection
Highly advanced and secure.
• Examines all parts of the IP packet
• Determine the state of each packet
• Filters packets at the network layer
• Secure and fast, but complex and expensive
IPSec Key Management
IPSec = heavy consumer of symmetric keys, one for each SA. SAs for: {ESP, AH} × {tunnel, transport} × {sender, receiver}. Keys come either from manual typing, or the Internet Key Exchange.
Encapsulating Security Payload
IPSec protocol providing authentication, integrity and confidentiality of network packets' data/payload.
Trojan Horse
Innocuous program containing additional malignant code.
Active attacks
Interruption (DoS), Modification (Trojan, Virus), Fabrication (Spoofing, man-in-the-middle).
Internet Key Exchange
Invoked when the two nodes wish to communicate securely but the SAs are yet to be established. IKE solves the generation of a symmetric key for an IPsec session, but without PKI a man-in-the-middle attack is possible. IKE creates bidirectional SAs (not the same as IPsec SAs, but they can be converted to them).
Key
It is a variable value that is used by cryptographic algorithms to produce encrypted text, or decrypt encrypted text. Longer keys are more secure.
Nonces
Locally generated pseudorandom numbers.
Security Association Database
Maintains a list of active SAs for inbound and outbound processing. Contains lifetime of SA, AH and ESP information, tunnel or transport mode. Every host or gateway participating in IPSec has its own SA database.
Security Policy Database
Policy entries define which SA or SA Bundles to use on IP traffic. Each host or gateway has its own SPD. Contains a list of rules. Can either discard a packet, bypass it (do not apply security) or protect.
Phishing
Scam by which an e-mail user is duped into revealing sensitive information such as passwords and credit card details.
Distinguished names (DN)
Single, globally unique names that everyone could use when referring to an entity - legally meaningful. Country//Locality name//Organisation name//Organisation unit name//Common name
Security Parameters Index
The SPI allows the destination to select the correct SA under which the received packet will be processed (according to the agreement with the sender). The SPI is sent with the packet by the sender.
Encryption
The process of disguising a message in such a way as to hide its substance.
Decryption
The process of returning an encrypted message back into plaintext.
Transport Mode
The transport mode encrypts only the payload and ESP trailer; so the IP header of the original packet is not encrypted.
Registration Authority
Trusted agent for the CA. Performs certification etc for a CA.
Tunnel Mode
Tunnel mode protects the internal routing information by encrypting the IP header of the original packet. The original packet is encapsulated by another set of IP headers. ESP applies only to the tunneled packet.
Internet Key Exchange Phase 2
Two session keys (for encryption+decryption) defined in phase 1. Negotiates Security Associations on behalf of other services like IPsec. Only in quick mode.
Manual Key Management
Useful when IPSec developers are debugging. Exchanged via email etc.
Virus behaviour
Viruses attach themselves to other programs.
Worm behaviour
Worms copy themselves computer to computer.
Security Mechanism
A procedure, tool, or method of enforcing a policy (prevent, detect, respond to and recover from attacks).
IP Spoofing
Can generate "raw" IP packets directly from application, putting any value into IP source address field. Receiver can't tell if source is spoofed.
Denial of Service (DoS)
Flood of maliciously generated packets to "swamp" receiver to prevent or inhibit the normal use or management of communications facilities. DDoS is distributed.
Symmetric key (aka secret key) Ciphers
• Use same key to encrypt and decrypt
• One key shared and kept secret
• All keys need to be replaced, if one key is compromised
• Fast to encrypt, used for personal data.
• Key maintenance is expensive. When new user joins group, everyone involved in key generation.
Firewall: Application level proxy server (application layer)
• What are you trying to do? (rarer)
• Block all unless specifically allowed
• Resource intensive, and must write new proxy application for new protocols
• Poor performance and scalability but secure
Firewall: Packet filters (network layer)
• Where did you come from and where are you going? Don't care what you do once you get there.
• Decisions made on a per-packet basis
• No state information saved
• High performance but low security
RSA
• de-facto standard
• Public-key cryptosystem: encryption and authentication
Encryption:
- (a) Obtain Alice's authentic public key (n, e).
- (b) Represent the message as an integer m in the interval [0, n-1].
- (c) Compute c = m^e mod n
- (d) Send the ciphertext c to Alice
Decryption:
- Use the private key d to recover m = c^d mod n