LM CCN Section 6.1: Security of Network Traffic
Computer and Communication Networks
Security of Network Traffic
John Easton
Learning Objectives
o Securing Network Traffic
– Cryptography
– WEP
Confidentiality of Traffic
o Wireless networking presents a unique challenge
– Wired networks use a broadcast medium that is confidential to the network (physical cabling)
– Wireless broadcast propagates widely
o 802.11 standard had to address confidentiality
– …at least to an equivalent level to wired networks
Cryptography
o Cryptography (Greek: kryptos, hidden) is the science of making messages secure.
o The original message is the plaintext.
o The encryption/decryption algorithm is called the cipher.
o The encrypted message is the ciphertext.
o Note – cryptography is different from steganography.
– Steganography (from Greek steganos, covered, and graphein, to write) involves hiding the existence of a message.
Cryptography and the Caesar Cipher
o The Caesar cipher is a very simple example of a monoalphabetic cipher. It can use a simple shift between the plain alphabet and cipher alphabet. The exact shift can be considered as the cipher key.
o An example of a Caesar cipher shifted by 3 letters (lower case for plaintext and UPPERCASE for ciphertext):
abcdefghijklmnopqrstuvwxyz
DEFGHIJKLMNOPQRSTUVWXYZABC
Keys and the Caesar Cipher
o The simple Caesar cipher has just 25 keys (i.e., 25 possible shifts), so cryptanalysts could quickly break the code by trying all possible shifts.
o A compromise involves the use of a keyword or key phrase, e.g., ‘JULIUS CAESAR’
abcdefghijklmnopqrstuvwxyz
JULISCAERBDFGHKMNOPQTVWXYZ
Cryptanalysis
o In “The Code Book”, Simon Singh describes how early Arabian scholars invented cryptanalysis, for example, using frequency analysis to identify substitutions.
o Relative frequencies of letters of the alphabet (%):
a   8.2     h   6.1     o   7.5     v   1.0
b   1.5     i   7.0     p   1.9     w   2.4
c   2.8     j   0.2     q   0.1     x   0.2
d   4.3     k   0.8     r   6.0     y   2.0
e  12.7     l   4.0     s   6.3     z   0.1
f   2.2     m   2.4     t   9.1
g   2.0     n   6.7     u   2.8
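The Caesar and keyword alphabets from the earlier slides, and a frequency-analysis break of a Caesar ciphertext using the table above, as an added example (not code from the lecture). The function names and the sample message are constructed for illustration.

```python
import string

# Relative letter frequencies (%) for a..z, copied from the table above.
FREQ = dict(zip(string.ascii_lowercase, [
    8.2, 1.5, 2.8, 4.3, 12.7, 2.2, 2.0, 6.1, 7.0, 0.2, 0.8, 4.0, 2.4,
    6.7, 7.5, 1.9, 0.1, 6.0, 6.3, 9.1, 2.8, 1.0, 2.4, 0.2, 2.0, 0.1]))

def caesar_alphabet(shift):
    """Cipher alphabet for a Caesar shift (shift 3 starts DEF...)."""
    upper = string.ascii_uppercase
    return upper[shift % 26:] + upper[:shift % 26]

def keyword_alphabet(keyword):
    """Keyword letters first (duplicates dropped), then the unused letters in order."""
    seen = []
    for ch in keyword.upper() + string.ascii_uppercase:
        if ch.isalpha() and ch not in seen:
            seen.append(ch)
    return "".join(seen)

def substitute(plaintext, cipher_alphabet):
    """Monoalphabetic encryption: lower-case plaintext in, UPPER-CASE ciphertext out."""
    return plaintext.translate(str.maketrans(string.ascii_lowercase, cipher_alphabet))

def chi_squared(text):
    """Distance between the letter counts in text and the table's frequencies."""
    letters = [ch for ch in text if ch in FREQ]
    expected = {ch: len(letters) * f / 100 for ch, f in FREQ.items()}
    return sum((letters.count(ch) - exp) ** 2 / exp for ch, exp in expected.items())

def break_caesar(ciphertext):
    """Try every shift and keep the candidate plaintext that looks most like English."""
    scored = []
    for shift in range(26):
        back = str.maketrans(caesar_alphabet(shift), string.ascii_lowercase)
        scored.append((chi_squared(ciphertext.translate(back)), shift))
    best = min(scored)[1]
    back = str.maketrans(caesar_alphabet(best), string.ascii_lowercase)
    return best, ciphertext.translate(back)

# Constructed sample message, not from the slides.
SAMPLE = ("the access point and every host share one secret key so anyone "
          "who learns the key can read all of the traffic on the network")

if __name__ == "__main__":
    print(keyword_alphabet("JULIUS CAESAR"))
    print(break_caesar(substitute(SAMPLE, caesar_alphabet(3))))
```

The same scoring does not recover a keyword alphabet by brute force, because there are far too many alphabets to try; there the table is used letter by letter to guess individual substitutions.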
The Vigenère Cipher
o The Vigenère cipher was published in 1586. It is a polyalphabetic cipher (as opposed to a monoalphabetic cipher) because it uses several cipher alphabets per message. This makes frequency cryptanalysis more difficult.
o Again a key (keyword or key phrase) is required.
DES – The Data Encryption Standard
o Symmetric key systems use a shared key known to both parties
o IBM invented “Lucifer”, an encryption system adopted as the Data Encryption Standard (DES) in 1976.
o DES repeatedly scrambles (mangles) blocks of 64 bits with an encryption key of 56 bits.
o The key was reduced from a longer key to 56 bits as required by the American NSA (National Security Agency).
[Figure: DES structure. 64-bit plaintext → initial permutation → iterations 1 to 16 → 32-bit swap → inverse permutation → 64-bit ciphertext. The 56-bit key is used to generate 16 per-iteration keys of 48 bits each (Key 1 to Key 16).]
The Key Distribution Problem
o How can secret keys be exchanged by parties who want to communicate?
o In the late 1970s, banks distributed keys by employing special dispatch riders who had been vetted and were among the company’s most trusted employees. They would travel across the world with padlocked briefcases, personally distributing keys to everyone who would receive messages from the bank over the next week.
Diffie-Hellman-Merkle
o Whitfield Diffie and Martin Hellman.
o Diffie accepted a research position with Hellman and was later joined by Ralph Merkle at Stanford.
o Diffie imagined two strangers (Alice and Bob) meeting on the Internet and wondered how they could send each other an encrypted message which an eavesdropper (Eve) could not read.
o Although safe key exchange had been considered impossible …
[Photo: Ralph Merkle, Martin Hellman, Whitfield Diffie (1977). (c) Chuck Painter/Stanford News Service]
A Simple Padlock Example
o It is possible to imagine secure message exchange over an insecure communication system.
o Imagine Alice sends a package to Bob securing it with a padlock. Bob can’t open it – but adds his own padlock to it and sends it back to Alice who removes her padlock and sends it back to Bob – Bob can now open his own padlock. QED.
o Alice and Bob both kept their keys safe and the package was never unlocked in the system.
o The problem with applying this simple solution was the order of events.
– The solution is to have 2 keys. A public key and a private key
Public key encryption
o Alice wants to send Bob a confidential email
– She encrypts it with Bob’s public key which is available to anyone
– Bob can decrypt the message with his private key which only he knows
– Anyone intercepting the email would need Bob’s private key to decrypt it
RSA (Rivest, Shamir and Adleman)
o RSA is a public key encryption method using asymmetric keys
o This was developed by Rivest, Shamir and Adleman at MIT and announced in Scientific American in August 1977.
o The system is based on 2 large primes, p and q which are multiplied together as part of the public key N.
– Factoring N into p and q is extremely difficult for large N.
– For banking transactions, N > 10^308 provides an extremely high level of security (a hundred million PCs would take more than 1000 years to find p and q.)
RSA – Key Generation
o Key generation:
– Choose two large primes, p and q
– Compute n = pq, and z = (p-1)(q-1)
– Choose a number, e, smaller than n and with no common factors with z other than 1 (e and z are relatively prime)
– Find a number d such that ed-1 is exactly divisible by z (i.e. ed mod z = 1)
o The new public key is then the pair of numbers (n, e)
o The associated private key is the pair of numbers (n, d)
RSA – Encryption / Decryption
o Suppose Alice wants to transmit a large integer number, m, to Bob
– m must be smaller than n
o The encrypted value is calculated using Bob’s public key (n, e)
– c = m^e mod n
o To decrypt the message, Bob applies his private key (n, d)
– m = c^d mod n
RSA – Example
o Suppose Alice wants to send Bob a message; she knows Bob’s public key (n=35, e=5)
o Alice converts her plaintext into a numerical representation and encrypts using the public key as shown
o Alice transmits the ciphertext to Bob
Plaintext   m (numerical representation)   m^e        Ciphertext c = m^e mod n
l           12                             248832     17
o           15                             759375     15
v           22                             5153632    22
e           5                              3125       10
RSA – Example (Cont.)
o Bob receives Alice’s message; he knows his private key (n=35, d=29)
o Bob converts Alice’s ciphertext into plaintext using the private key as shown
o Alice has successfully transmitted her message to Bob
Cipher c   c^d                                          m = c^d mod n   Plain
17         4819685721067509150915091411825223071697     12              l
15         127834039403948858939111232757568359375      15              o
22         851643319086537701956194499721106030592      22              v
10         1000000000000000000000000000000              5               e
Applications of RSA
o Most major hardware and software vendors have a license from RSA Data Security to develop products using the RSA encryption system
– Extensively used in banking applications, defence and large manufacturing companies
o The RSA system is actually a combination of the DES encryption system and public key encryption
– A unique DES key (session key) is used for the bulk of the message, as DES is faster to compute than RSA
– The DES key is encrypted for exchange using RSA
– The combination of the encrypted message (using a symmetric key) and the public key encrypted symmetric key is known as a digital envelope
Digital Signatures for Verification
o A digital signature is something attached to data (documents) that verifies the source and also verifies that the data has not been tampered with (authenticity and integrity)
– The signature is a hash computed from the data
– Essentially a binary digest of the data
– The signature is encrypted with the sender’s private key and appended to the document
o The public and private key can be applied in either order!
– m^(E×D) = m^(D×E) ≡ m mod N
Digital Signatures for Verification
– The signature can be decrypted with the sender’s public key
– If the hash strings match, then it can only have come from the sender AND
– Data integrity is guaranteed
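The RSA key generation steps, the "love" example with n=35, and the sign-with-private-key / verify-with-public-key property above, as an added example (not code from the lecture). It assumes p=5 and q=7 (the factors of the slides' n=35); the function names, the sample document and the digest reduced mod n are constructed for illustration.

```python
import hashlib
from math import gcd

def generate_keys(p, q, e):
    """Slide procedure: n = pq, z = (p-1)(q-1), pick d with e*d mod z == 1."""
    n, z = p * q, (p - 1) * (q - 1)
    if gcd(e, z) != 1:
        raise ValueError("e and z must be relatively prime")
    d = pow(e, -1, z)      # smallest solution (Python 3.8+)
    if d == e:             # for p=5, q=7, e=5 the smallest d is 5, equal to e;
        d += z             # the next solution is 5 + 24 = 29, the slides' d
    return (n, e), (n, d)

def apply_key(key, value):
    """value^exponent mod n: the same operation encrypts, decrypts, signs and verifies."""
    n, exponent = key
    if not 0 <= value < n:
        raise ValueError("value must be smaller than n")
    return pow(value, exponent, n)

def encode(text):          # a=1 ... z=26, as in the table
    return [ord(ch) - ord("a") + 1 for ch in text]

def decode(numbers):
    return "".join(chr(m + ord("a") - 1) for m in numbers)

def toy_digest(data, n):
    """SHA-256 reduced mod n so it fits the toy modulus (illustration only)."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(private, data):
    return apply_key(private, toy_digest(data, private[0]))

def verify(public, data, signature):
    return apply_key(public, signature) == toy_digest(data, public[0])

def recover_private_key(public):
    """Factor n by trial division and redo key generation; feasible only for tiny n."""
    n, e = public
    p = next(f for f in range(2, n) if n % f == 0)
    return generate_keys(p, n // p, e)[1]

if __name__ == "__main__":
    public, private = generate_keys(5, 7, 5)
    cipher = [apply_key(public, m) for m in encode("love")]
    print(public, private, cipher)
    print(decode(apply_key(private, c) for c in cipher))
    print(verify(public, b"pay Bob 10", sign(private, b"pay Bob 10")))
    print(recover_private_key(public))   # the private key, from the public key alone
```

The last call shows why the size of N matters: with n=35 the private key follows from the public key after a few divisions, which is exactly the step that becomes infeasible for large N.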
Wired Equivalent Privacy (WEP)
o Introduced with 802.11 in 1999
o Designed to give comparable privacy to a wired network
o Used either 40 or 104 bit keys
– WEP-40, WEP-104
o Superseded by WPA in 802.11i (2004)
o Symmetric key approach, both host and access point share a key, but no defined key management algorithm
o Authentication achieved by nonce
– Host requests authentication, AP supplies 128-byte nonce, host encrypts, if AP can decrypt with shared key then host is valid
WEP-40 Protocol
o 40-bit symmetric key and 24-bit initialisation vector (IV) give 64-bit key
o Encryption is as follows:
– 4-byte CRC generated for data payload
– RC4 stream cypher produces a stream of key values from the 64-bit key
– ith item of data + CRC (usually per byte) XOR-ed with ith value from key stream to generate cyphertext
o IV sent plaintext in frame along with encrypted data
o Receiver generates 64-bit key from secret + IV then applies RC4
– Data decrypted using XOR of key stream to cyphertext
Issues with WEP
o Correct use of RC4 requires that each 64-bit key is only used once
– WEP uses one key per frame
o Given that the shared key seldom changes, WEP has a possible 2^24 unique keys
– Probability of reuse over 99% after just 12,000 frames
– With 1KB frame at 11Mbps, that’s just a few seconds of communication!
o IV is transmitted plaintext, so it is possible to see when a key is reused!
o IP spoofing enables keystream for known IV to be determined
– Next time that IV used in a genuine frame, data is easy to decrypt
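The WEP-40 encryption steps and the IV-reuse problem described above, as an added example (not code from the lecture): it shows that two frames sent under the same IV share a keystream, and computes the chance of a repeated IV for a given number of frames. The frame layout is simplified to a 3-byte IV followed by the encrypted payload and CRC; the secret, IV and payloads are constructed.

```python
import math, struct, zlib

def rc4_keystream(key, length):
    s, j = list(range(256)), 0
    for i in range(256):                       # key scheduling
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    out, i, j = bytearray(), 0, 0
    for _ in range(length):                    # keystream generation
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) % 256])
    return bytes(out)

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def wep_encrypt(secret, iv, payload):
    """Frame = plaintext IV || RC4(IV || secret) XOR (payload || CRC-32)."""
    body = payload + struct.pack("<I", zlib.crc32(payload))
    return iv + xor(body, rc4_keystream(iv + secret, len(body)))

def wep_decrypt(secret, frame):
    iv, body = frame[:3], frame[3:]
    plain = xor(body, rc4_keystream(iv + secret, len(body)))
    if struct.pack("<I", zlib.crc32(plain[:-4])) != plain[-4:]:
        raise ValueError("CRC mismatch")
    return plain[:-4]

def read_without_key(known_frame, known_payload, other_frame):
    """What an eavesdropper learns from a reused IV plus one known plaintext."""
    if known_frame[:3] != other_frame[:3]:
        return None                            # different IV, different keystream
    keystream = xor(known_frame[3:], known_payload)
    return xor(other_frame[3:], keystream)

def iv_reuse_probability(frames, iv_bits=24):
    """Chance that at least two of `frames` randomly chosen IVs are equal."""
    space = 2 ** iv_bits
    return 1 - math.exp(sum(math.log1p(-i / space) for i in range(frames)))

if __name__ == "__main__":
    secret, iv = bytes.fromhex("0102030405"), b"\x00\x00\x2a"   # constructed values
    first = wep_encrypt(secret, iv, b"GET /index.html")
    second = wep_encrypt(secret, iv, b"hello from Bob!")        # same IV again
    print(read_without_key(first, b"GET /index.html", second))
    print(round(iv_reuse_probability(12000), 3))
```

Because the IV travels in the clear, the equality check in `read_without_key` is all an observer needs to spot reuse; WPA and its successors change the per-frame keying so that this condition does not arise in normal operation.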
Summary
o Securing Network Traffic
– Cryptography
– WEP