Documente Academic
Documente Profesional
Documente Cultură
Flow Control
Error Detection
Error Correction
Half-duplex and full-duplex
checking
Internet checksum
Cyclic Redundancy Check (CRC)
Channel Partitioning
TDMA, FDMA
CDMA
Random Access
Pure Aloha, Slotted Aloha
1-Persistent/Non-Persistent/P-Persisten CSMA,
CSMA/CD, CSMA/CA
Taking turns
Polling
Token-passing
addressing
ARP
DHCP
Ethernet
Topology
Frame
CSMA/CD with binary exponential backoff
became commercialized
Alice
data
channel
secure
sender
Bob
data, control
messages
secure
receiver
data
Trudy
8: Network Security 8-8
8: Network Security8-11
Algorithm:
Should be public and known to all
Inspires trust that the algorithm works
Keys:
Should be long enough to prevent easy breaking of the
encryption
Should be short enough to keep algorithm efficient
Typical key lengths: 56-bit, 128-bit, 256-bit, 512-bit
8: Network Security 8-
encryption
algorithm
Bobs
K decryption
B key
ciphertext
decryption plaintext
algorithm
8: Network Security 8-
plaintext:
abcdefghijklmnopqrstuvwxyz
ciphertext:
mnbvcxzasdfghjklpoiuytrewq
E.g.:
KA-B
plaintext
message, m
encryption ciphertext
algorithm
K (m)
A-B
decryption plaintext
algorithm
m=K
A-B
( KA-B(m) )
8: Network Security 8-
Symmetric key
crypto: DES
DES operation
initial permutation
16 identical rounds of
function application,
each using different
48 bits of key
final permutation
8: Network Security 8-
8: Network Security 8-
Concerns
Problem with all the cryptography algorithms used so far:
this concern?
8: Network Security 8-
decryption key
Each user holds:
algorithms:
8: Network Security 8-
plaintext
message, m
encryption ciphertext
algorithm
+
K (m)
B
- Bobs private
B key
decryption plaintext
algorithm message
+
m = K B(K (m))
B
8: Network Security 8-
KB
KB
8: Network Security 8-
RSA example:
Bob chooses p=5, q=7. Then n=35, z=24.
e=5 (so e, z relatively prime).
d=29 (so ed-1 exactly divisible by z.
encrypt:
decrypt:
letter
me
12
1524832
c
17
c = me mod n
17
d
c
481968572106750915091411825223071697
m = cd mod n letter
12
l
8: Network Security 8-
RSA:
d
m = (m e mod n) mod n
Why is that
e
(m mod n) d mod n = med mod n
= m
ed mod (p-1)(q-1)
mod n
1
= m mod n
(since we chose ed to be divisible by
(p-1)(q-1) with remainder 1 )
= m
8: Network Security 8-
K (K (m))
+ = m = K (K (m))
B B
Authentication
Goal: Bob wants Alice to prove her identity
to him
Protocol ap1.0: Alice says I am Alice
I am Alice
Failure scenario??
8: Network Security 8-
Authentication
Goal: Bob wants Alice to prove her identity
to him
Protocol ap1.0: Alice says I am Alice
I am Alice
in a network,
Bob can not see
Alice, so Trudy simply
declares
herself to be Alice
8: Network Security 8-
Alices
I am Alice
IP address
Failure scenario??
8: Network Security 8-
Alices
IP address
8: Network Security 8-
Alices
Alices
Im Alice
IP addr password
Alices
IP addr
OK
Failure scenario??
8: Network Security 8-
Alices
Alices
Im Alice
IP addr password
Alices
IP addr
OK
Alices
Alices
Im Alice
IP addr password
8: Network Security 8-
Alices encrypted
Im Alice
IP addr password
Alices
IP addr
OK
Failure scenario??
8: Network Security 8-
Alices encrypted
Im Alice
IP addr password
Alices
IP addr
record
and
playback
still works!
OK
Alices encrypted
Im Alice
IP addr password
8: Network Security 8-
8: Network Security 8-
Authentication: ap5.0
ap4.0 requires shared symmetric key
can we authenticate using public key techniques?
ap5.0: use nonce, public key cryptography
I am Alice
R
Bob computes
+ -
K A (R)
KA
KA(KA (R)) = R
8: Network Security 8-
I am Alice
R
K (R)
T
K (R)
A
+
K
T
+
K
A
- +
m = K (K (m))
A A
+
K (m)
A
Trudy gets
- +
m = K (K (m))
T Alice
sends T
m to
+
K (m)
T
encrypted with
Alices public key
8: Network Security 8-
Difficult to detect:
Bob receives everything that Alice sends, and vice
versa. (e.g., so Bob, Alice can meet one week later and
recall conversation)
problem is that Trudy receives all messages as well!
Need to solve problem in public key distribution
8: Network Security 8-
Digital Signatures
Cryptographic technique analogous to handwritten signatures.
sender (Bob) digitally signs document,
8: Network Security 8-
Digital Signatures
Simple digital signature for message m:
Bob signs m by encrypting with his private key
-
Bobs message, m
Dear Alice
Oh, how I have
missed you. I think of
you all the time!
(blah blah blah)
K B Bobs private
key
Public key
encryption
algorithm
K B(m)
Bobs message,
m, signed
(encrypted) with
his private key
Bob
8: Network Security 8-
8: Network Security 8-
Message Digests
Computationally expensive
to public-key-encrypt
long messages
Goal: fixed-length, easy- tocompute digital
fingerprint
apply hash function H to
m, get fixed size message
digest, H(m).
large
message
m
H: Hash
Function
H(m)
ASCII format
494F5531
30302E39
39424F42
B2C1D2AC
message
IOU9
00.1
9BOB
ASCII format
494F5539
30302E31
39424F42
B2C1D2AC
different messages
but identical checksums!
8: Network Security 8-
H: Hash
function
Bobs
private
key
KB
encrypted
msg digest
H(m)
digital
signature
(encrypt)
encrypted
msg digest
KB(H(m))
large
message
m
H: Hash
function
H(m)
KB(H(m))
Bobs
public
key
KB
digital
signature
(decrypt)
H(m)
equal
?
8: Network Security 8-
8: Network Security 8-
Trusted Intermediaries
Symmetric key problem:
Solution:
trusted key distribution
Solution:
trusted certification
authority (CA)
8: Network Security 8-
each
KB-KDC
KA-KDC
KX-KDC
KY-KDC
KB-KDC
KZ-KDC
8: Network Security 8-
KA-KDC(A,B)
Alice
knows
R1
KA-KDC(R1, KB-KDC(A,R1) )
KB-KDC(A,R1)
Bob knows to
use R1 to
communicate
with Alice
Certification Authorities
Certification authority (CA): binds public key to
particular entity, E.
E (person, router) registers its public key with CA.
Bobs
identifying
information
KB
digital
signature
(encrypt)
CA
private
key
K-
CA
KB
certificate for
Bobs public key,
signed by CA
8: Network Security 8-
Certification Authorities
When Alice wants Bobs public key:
+
KB
digital
signature
(decrypt)
CA
public
key
Bobs
public
+
K B key
+
K CA
8: Network Security 8-
A certificate contains:
Serial number (unique to issuer)
info about certificate owner, including algorithm
issuer
valid dates
digital signature by issuer
8: Network Security 8-
Firewalls
firewall
isolates organizations internal net from larger
Internet, allowing some packets to pass,
blocking others.
public
Internet
administered
network
firewall
8: Network Security 8-
Firewalls: Why
prevent denial of service attacks:
SYN flooding: attacker establishes many bogus TCP
connections, no resources left for real connections.
prevent illegal modification/access of internal data.
e.g., attacker replaces CIAs homepage with
something else
allow only authorized access to inside network (set of
authenticated users/hosts)
two types of firewalls:
application-level
packet-filtering
8: Network Security 8-
Packet Filtering
Should arriving
packet be allowed
in? Departing packet
let out?
router firewall
router filters packet-by-packet, decision to
forward/drop packet based on:
8: Network Security 8-
Packet Filtering
Example 1: block incoming and outgoing
8: Network Security 8-
Application gateways
Filters packets on
host-to-gateway
telnet session
application
gateway
gateway-to-remote
host telnet session
8: Network Security 8-
8: Network Security 8-
Countermeasures?
8: Network Security 8-
8: Network Security 8-
src:B dest:A
payload
Countermeasures?
8: Network Security 8-
src:B dest:A
payload
8: Network Security 8-
A
src:B dest:A
Countermeasures?
payload
B
8: Network Security 8-
A
src:B dest:A
payload
B
8: Network Security 8-
SYN
SYN
SYN
SYN
SYN
B
Countermeasures?
SYN
SYN
8: Network Security 8-
filter out flooded packets (e.g., SYN) before reaching host: throw
out good with bad
traceback to source of floods (most likely an innocent,
compromised machine)
SYN
SYN
SYN
SYN
SYN
B
SYN
SYN
8: Network Security 8-
Secure e-mail
KS
K (.)
S
.
K ()
+
KB
KS(m )
KS(m )
+
+
KB(KS )
KS( )
Internet
KS
-
KB(KS )
KB ( )
KB
Alice:
8: Network Security 8-
Secure e-mail
KS
K (.)
S
.
K ()
+
KB
KS(m )
KS(m )
+
+
KB(KS )
KS( )
Internet
KS
-
KB(KS )
KB ( )
KB
Bob:
8: Network Security 8-
H( )
KA
.
K ()
-
KA(H(m))
KA(H(m))
KA
Internet
KA( )
H(m )
compare
H( )
H(m )
8: Network Security 8-
H( )
KA
KA( )
KA(H(m))
KS( )
m
KS
KS
KB ( )
KB
Internet
KB(KS )
8: Network Security 8-
server authentication
data encryption
client authentication
(optional)
server authentication:
SSL-enabled browser
includes public keys for
trusted CAs.
Browser requests
server certificate,
issued by trusted CA.
Browser uses CAs
public key to extract
servers public key from
certificate.
check your browsers
8: Network Security 8-
SSL (continued)
Encrypted SSL session:
Browser generates
symmetric session key,
encrypts it with servers
public key, sends encrypted
key to server.
Using private key, server
decrypts session key.
Browser, server know
session key
Transport Layer
Security (TLS).
SSL can be used for
non-Web applications,
e.g., IMAP.
Client authentication
can be done with client
certificates.
8: Network Security 8-
destination handshake:
create network-layer
logical channel called a
security association (SA)
Each SA unidirectional.
Uniquely determined by:
security protocol (AH or
ESP)
source IP address
32-bit connection ID
8: Network Security 8-
provides source
IP header
AH header
8: Network Security 8-
ESP Protocol
provides secrecy, host
ESP authentication
authentication, data
field is similar to AH
integrity.
authentication field.
data, ESP trailer encrypted.
Protocol = 50.
next header field is in ESP
trailer.
authenticated
encrypted
IP header
ESP
ESP
ESP
TCP/UDP segment
header
trailer authent.
8: Network Security 8-
8: Network Security 8-
8: Network Security 8-
permanent)
Host appends 24-bit initialization vector (IV) to
create 64-bit key
64 bit key used to generate stream of keys, kiIV
kiIV used to encrypt ith byte, di, in frame:
ci = di XOR kiIV
IV and encrypted bytes, ci sent in frame
8: Network Security 8-
d2
d3
dN
CRC1 CRC4
c1
c2
c3
cN
cN+1 cN+4
802.11
IV
header
WEP-encrypted data
plus CRC
8: Network Security 8-
Attack:
8: Network Security 8-
possible
provides key distribution
uses authentication server separate from
access point
8: Network Security 8-
AS:
Authentication
server
wired
network
1 Discovery of
security capabilities
3 AS derives
same PMK,
sends to AP
8: Network Security 8-
server protocol
EAP sent over separate links
wired
network
EAP TLS
EAP
EAP over LAN (EAPoL)
IEEE 802.11
RADIUS
UDP/IP
8: Network Security 8-