Networking
Authentication and Encryption
© Janice Regan, 2009-2017
Network Security
When is a network or host secure:
System and software behave as expected
Only authorized use is occurring
Data and information are stored safely (including backups) and accessible only to those who have valid permission to see it
Applications available only to authorized users
A breach of security is not always malicious; it can just as easily be caused by user ignorance or by accident.
Basics to Security
Keeping your network or host secure is not all a matter of firewalls and encryption and fancy security programs
In an organization, computer security must be part of a larger information security policy
To keep information secure, physical backups, printouts, disks, and other means of transmitting the information must also be managed.
Basics to Security
Even something as simple as passwords for access control takes some thought
Users want something easy to remember, and don’t want to change passwords regularly
Assuring that common words and names are not used as passwords and that passwords must be changed regularly is important to sustained security
Aspects of a security policy
Privacy/Confidentiality: protection from unauthorized access to data
Data Integrity: data must be protected from unauthorized modification or deletion
Data Availability: data must be available and protected from denial or degradation of access (denial of service attacks)
Authentication: system must allow communicating parties to validate each other's identities
Aspects of a security policy
Consistency: system must behave as expected, information should reside in a defined place. Changes should be well publicized before they occur
Access Control / Authorization: The system administrator, and to a lesser extent the user, should be able to regulate access to data and programs
Accountability: You should record the activity of each user so you can determine when and why a problem / change occurs and be able to undo it
How much security
It is clear that implementing these aspects of security has a price in overhead
As the level of security increases the overhead or cost increases.
The individual aspects also have trade-offs
Increased confidentiality control and audit will decrease availability
If data is not strictly confidential, recovery may be preferable to increased security
Are you annoyed by “do you really want to do this” messages?
Network security
The internet is a primary source of security breaches.
Security can be compromised inside your own network too.
The only 100% solution is isolation; in most cases this is not efficient or practical
If you are administering a large network limiting access to the internet may or may not be practical
As the internet and connectivity for work at home become more a part of business connectivity, it becomes less practical to isolate users from a valuable tool
Authentication, encryption
Authentication protects the integrity of the message by ensuring that the source of the data is valid (permitted) and that the data has not been altered in transit
Encryption provides a mechanism to hide the contents of the message from all network users except the sender and receiver of the information.
Together authentication and encryption can provide a secure communication channel
Why encrypt a channel? (1)
Any message sent on the internet, or any wired or wireless network (with the possible exception of optical fibre) can easily be eavesdropped.
We have done this for the network traffic in the network lab using Wireshark and tcpdump
When we collect packets using these tools we can easily read the entire contents of the packets.
Encryption allows us to ‘scramble’ or ‘code’ the contents of the packet so it cannot be directly read. It needs a key to decipher it into readable form. Only the sender and receiver know that key
Why encrypt a channel? (2)
However, we cannot encrypt the entire IP header, or the packets could not be delivered, so some information must remain unencrypted and available for use in IP forwarding
It is harder for an outsider to break the encryption if they cannot insert packets into the flow of data (eliciting expected responses)
Why Authenticate a Channel? (1)
We have seen that we can write an application to build and send packets
What if a destination X will not accept packets from our IP (our IP has previously spammed them!!) but will happily accept packets from Y?
We can intercept packets traveling to X from Y and then build packets that look like they come from Y and insert our data into the flow to X.
Why Authenticate a Channel? (2)
Now imagine that instead of being the one sending the unwanted packets we are the one receiving them.
We need to authenticate: determine that the packets are really coming from our trusted IP (Y) and not from someone masquerading as the trusted IP (Y) (our host in the previous scenario)
Necessary components
Both authentication and encryption are based on algorithms that require the end users to process the contents of the packets using a key known only to the sender and/or the receiver
This means that a third party, who does not have the key, will not be able to
Decrypt the packet's encrypted contents to see what is in the packet
Make undetected changes to an authenticated packet, or make a packet appear to come from the authenticated sender.
Encryption
Source uses an encryption key and a particular encryption algorithm to encrypt the data
The data is inserted into a packet and sent to the receiver
The receiver uses a decryption key to decrypt the data. If the keys match, the decrypted data is readable; otherwise it is not.
The keys may be secret or private keys, or public keys
Private key encryption is often used for long messages, public key encryption for short messages. Short messages may include sending private keys in preparation for transmission of longer messages.
Secret keys
Secret keys are known only by the sender and receiver. The decryption key is the same as or derivable from the encryption key.
Secret key encryption may also be called symmetric encryption because the same key can be used in both directions
High security, difficult to decrypt without the key.
Secret keys
Requires many keys (one for each pair of users)
Uses an efficient encryption algorithm
Popular example: DES, the Data Encryption Standard
How do you distribute keys?
Use public key encryption
A central distribution centre
Public key / Private Key pairs
Encryption
Each user has a public key and a private key
Fewer keys needed
Pair for each user for authentication
Usually a different pair for each user for encryption
Public encryption key of the receiving user is used to encrypt the message
Private encryption key of the receiving user is used to decrypt the message.
Private key is not easily derivable from the public key
Sender encrypts using the receiver’s public encryption key
Only receiver can decrypt using its own private encryption key
RSA is an example of this approach.
Public key / Private Key pairs
Authentication
Each user has a public authentication key and a private authentication key
Private authentication key of the sending user is used to authenticate the message
Only the sending user can authenticate that they sent the packet
Public authentication key of the sending user is used to verify the authentication of the message.
Public authentication key is easily available so anyone can authenticate the source of the packet
RSA is an example of this approach.
Public key / Private key pairs
Encryption/Decryption process is more computationally intensive than private key encryption
Must verify (authenticate) announced public key of a user
Verification may be done by a central authority (pairs users and keys and issues certificates for those keys)
Digital Signature
Authentication:
Verify that the packet came from the user it indicates it came from (is not spoofed)
Non repudiation:
Sender cannot deny being the source of the packet because only he has the private key to sign the message
Integrity:
Packet cannot be changed in transit unless the person changing it has the private key of the sender: The message is the message sent
Digital Signature
Used for authentication, integrity and non repudiation
Can sign entire document or digest of the document.
Algorithms such as SHA1 and MD5 are used to make digests of the document
More efficient to sign the digest rather than the whole document
Digital Signature
At the source
use a hash function to create a digest of the packet
use private authentication key to encrypt the digest (sign the digest)
At the destination
use public authentication key to decrypt the digest.
recalculate the digest of the packet using the same algorithm
Compare the decrypted and recalculated digests
Digital Signature
A message signed using a sender's private key (known only by that user) indicates that the message comes from that user
Changes to the message between the sender and the receiver require knowledge of the private key to re-sign the new digest, so changes in transit cannot be made
Signature alone does not provide confidentiality of data. Only the digest is encrypted, not the data
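The sign-and-verify steps from the Digital Signature slides, as an added Python example that is not part of the original slides. It assumes a toy RSA key built from two small known primes and uses SHA-256 in place of the SHA1/MD5 digests the slides mention; the function names are illustrative.

```python
import hashlib

# Toy RSA key built from two known Mersenne primes (constructed for this
# example; far too small for real use, and real schemes add padding).
P, Q = 2**61 - 1, 2**89 - 1
N, E = P * Q, 65537                    # public authentication key (n, e)
D = pow(E, -1, (P - 1) * (Q - 1))      # private authentication key d

def digest(packet: bytes) -> int:
    """Hash the packet; reduce mod N so the toy key can sign it."""
    return int.from_bytes(hashlib.sha256(packet).digest(), "big") % N

def sign(packet: bytes) -> int:
    """At the source: transform the digest with the private key."""
    return pow(digest(packet), D, N)

def verify(packet: bytes, signature: int) -> bool:
    """At the destination: recover the signed digest with the public key,
    recompute the digest from the received packet, and compare."""
    return pow(signature, E, N) == digest(packet)

def demo() -> dict:
    packet = b"transfer 10 to account Y"         # constructed sample payload
    sig = sign(packet)
    wire = packet + sig.to_bytes(19, "big")      # what an eavesdropper sees
    return {
        "genuine": verify(packet, sig),
        "altered_in_transit": verify(b"transfer 90 to account Y", sig),
        "guessed_signature": verify(packet, (sig + 1) % N),
        "payload_visible_on_wire": wire.startswith(packet),
    }

if __name__ == "__main__":
    for check, result in demo().items():
        print(f"{check}: {result}")
```

The last check shows the point of the final bullet: the signed packet still travels in readable form, so a signature gives no confidentiality.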
With VPN
New encapsulation
Shared keys (all users behind VPN use same key)
Dangerous (one user can hijack traffic, can have man in the middle attack)
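An added Python example (not part of the original slides) for the "Necessary components" and "With VPN" slides: a keyed authentication tag stops a third party without the key, but a key shared by every user cannot tell those users apart. The keys, user names A and B, the gateway and the packet layout are constructed for illustration, and HMAC-SHA256 is an assumed choice of algorithm.

```python
import hashlib
import hmac

def make_tag(key: bytes, src: str, payload: bytes) -> bytes:
    """Authentication tag over the claimed source and the payload."""
    return hmac.new(key, src.encode() + b"|" + payload, hashlib.sha256).digest()

def accepts(key: bytes, src: str, payload: bytes, tag: bytes) -> bool:
    """Receiver recomputes the tag with its copy of the key and compares."""
    return hmac.compare_digest(make_tag(key, src, payload), tag)

# Constructed keys: one shared by all VPN users, or one per user/gateway pair.
GROUP_KEY = b"one-key-for-every-vpn-user"
PAIR_KEYS = {"A": b"key-shared-by-A-and-gateway",
             "B": b"key-shared-by-B-and-gateway"}

def outsider_modifies() -> bool:
    """A third party without the key alters the payload and reuses the tag."""
    tag = make_tag(PAIR_KEYS["A"], "A", b"balance=10")
    return accepts(PAIR_KEYS["A"], "A", b"balance=99", tag)

def insider_claims_other_source(shared: bool) -> bool:
    """User B tags a packet whose claimed source is A, using the key B holds.
    The gateway checks it with the key it associates with source A."""
    key_b_holds = GROUP_KEY if shared else PAIR_KEYS["B"]
    key_gateway_uses = GROUP_KEY if shared else PAIR_KEYS["A"]
    tag = make_tag(key_b_holds, "A", b"balance=99")
    return accepts(key_gateway_uses, "A", b"balance=99", tag)

if __name__ == "__main__":
    print("outsider change accepted:", outsider_modifies())
    print("shared key, B posing as A accepted:", insider_claims_other_source(True))
    print("pair keys, B posing as A accepted:", insider_claims_other_source(False))
```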